Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

trojan horse issue - system 32 error - can't run AVG to remove


  • Please log in to reply

#31
ron26

ron26

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
Now I'm working on System Restore.

Following the instructions I choose "create a restore point" and then it asks me to type in a Restore point description. Not sure what to type here, the instructions don't tell me this.

I'm unclear.
  • 0

Advertisements


#32
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
I would not remove the profile without creating a new one first and transferring the files to it. Perhaps the beta version will work for you:

http://blogs.technet..._2D00_setup.msi

Ron
  • 0

#33
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
OK forget the last post.

Just give it a name like Clean or something.

Ron
  • 0

#34
ron26

ron26

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
Okay, created the Restore point, named it clean, and just followed Jim's plan for purging old system restore points.

I guess I'll just follow along now in the rest of your instructions?
  • 0

#35
ron26

ron26

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
trying to uninstall combofix.

Getting this message: "is not recognized as an internal or external command, operable program or batch file."

I copied and pasted it, so didn't change anything. I'm guessing we have something a bit out of place with the command text?
  • 0

#36
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
You ran Combofix from downloads instead of your desktop. Try

c:\documents and settings\Ryan Asher\My Documents\Downloads\ComboFix.exe /uninstall
  • 0

#37
ron26

ron26

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
Sorry, but I'm still not getting this.

Am I doing the run: cmd, then copying c:\documents and settings\Ryan Asher\My Documents\Downloads\ComboFix.exe /uninstall into the black box/screen?

I've tried this but I'm still getting the error message in the C:\Windows box.

Not sure what I need to do or am doing wrong.
  • 0

#38
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Yes you should copy it then Start, Run, cmd, OK and right click and Paste or Edit Paste then Enter.

I think if that doesn't work you should just delete the combofix.exe file and also delete the c:\qoobox folder. There may also be something C:\combofix(bunch of random numbers) which you can also delete.

Ron
  • 0

#39
ron26

ron26

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
Tried it again, still not working.

Deleting - how do I delete combofix? qoo? etc?

Sorry, not very good with this stuff.
  • 0

#40
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Right click on Start and select Explore then look in the left column. You should find C:\. If you click on it then in the right column you should find Qoobox. Right click on it and Delete. You may also find a folder whose name starts with combofix. Right click on it and delete.

Ron
  • 0

Advertisements


#41
ron26

ron26

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
I found Qoobox and right clicked, delete.

I got this message:
"Cannot delete BackEnv: Access is denied. Make sure the disk is not full or write protected and that the file is not currently in use."
  • 0

#42
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:files
c:\qoobox
   
:Commands
[Reboot]

then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done.
  • 0

#43
ron26

ron26

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
I did this, a box came up asking to reboot, clicked ok...nothing is happening. Waited quite awhile.

Not sure what to do.
  • 0

#44
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
force it to reboot.

Ron
  • 0

#45
ron26

ron26

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 169 posts
Okay, did that.

We've gone through so many issues though I'm not sure what step to pick up on. Please advise what # post I should start with. Not sure where to start up again.

Thank you.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP