Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trojen Horse EL - - Unable to open removal programs


  • Please log in to reply

#1
fiveshotz

fiveshotz

    New Member

  • Member
  • Pip
  • 3 posts
Hi all,

I have managed to pick up a Trojen Horse EL which has been opening spy ware on IE and stopping AVG from working all together. I tried downloading a few files and all were deleted from target file once download finished.

I downloaded AVZ4, ComboFix and Malwarebytes on another PC and put on zip drive. I have been able to install Malwarebytes but have not been able to open any of these programs.

Can anyone lend so advice? I will contiune to try and get the programs open so I load an analysis.

Cheers

--------------------------

Logs are attached.

Attached Files


Edited by fiveshotz, 20 June 2009 - 04:21 AM.

  • 0

Advertisements


#2
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello fiveshotz

Welcome to G2Go. :)
=====================
Delete your version of Combofix and then do the following:

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2
Link 3

Posted Image


Posted Image
--------------------------------------------------------------------

Double click on Combo-Fix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt

  • 0

#3
fiveshotz

fiveshotz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Hi kahdah,

Thanks for your reply.

I have tried downloading ComboFix and changed the file name to Combo-Fix but once again te file was not saved. Once download is finished I get the attahed message, I click allow, it disappears and nothing happens. I have tried downloading different types of files, music etc and the same thing happens????? I have also tried to load combo fix from an external drive but it does not load?

Any ideas??

Cheers

Attached Thumbnails

  • AVG.jpg

  • 0

#4
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Does combofix tell you anything or does it just uninstall itself ?
Or are you saying that you see the attached picture every time that you download something at all?
  • 0

#5
fiveshotz

fiveshotz

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
The message appears after I download any file, I click allow, the message disappears and so does the downloaded file. So I haven't been able to install ComboFIx at all or any other downloaded file. I have downloaded COmboFix on another pc and tried opening it off an external drive but nothing happens????
  • 0

#6
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
OK well for now see if you can download this program from another computer and then transfer it to your system and try to run it.

Please click here to download AVP Tool by Kaspersky.
  • Save it to your desktop.
  • Reboot your computer into SafeMode.

    You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
    Use your up arrow key to highlight SafeMode then hit enter
    .

  • Double click the setup file to run it.
  • Click Next to continue.
  • It will by default install it to your desktop folder.Click Next.
  • Hit ok at the prompt for scanning in Safe Mode.
  • It will then open a box There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • System Memory
  • Startup Objects
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)


After that click on Security level then choose Customize then click on the tab that says Heuristic Analyzer then choose Enable Deep rootkit search then choose ok.
Then choose OK again then you are back to the main screen.

  • Then click on Scan at the to right hand Corner.
  • It will automatically Neutralize any objects found.
  • If some objects are left un-neutralized then click the button that says Neutralize all
  • If it says it cannot be Neutralized then chooose The delete option when prompted.
  • After that is done click on the reports button at the bottom and save it to file name it Kas.
  • Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

    Note: This tool will self uninstall when you close it so please save the log before closing it.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP