problem with Combofix

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by tkhent, Nov 21, 2008.

  1. tkhent

    tkhent Private E-2

    I was actually going through the Read & Run Me First instructions to try and resolve a win32trojandownloader, which AdAware has since removed. But computer was still slow so I thought there may be other issues. After downloading SUPER Anti Spyware; Spybot; Malwarebytes; ComboFix and MGTools...I then ran SUPER Anti Spyware; Spybot and Malwarebytes. Before I ran ComboFix, I was instructed to download WindowXPConsole. I didn't succeed in dwnlding that, but in the meantime McAfee alerted me to RemAdm-ProcLaunch!171 and Nir something.
    Problem 1)McAfee was unable to completely remove RemAdm-ProcLaunch!171. Is there a way for me to remove it?
    Problem 2) how do I completely uninstall ComboFix? Not finding an uninstall or in Add/Remove Programs, in frustration I deleted ComboFix from my desttop. Mistake, by the threads I see that I should have unistalled it. It's gone from my desktop, but I see it listed under the C drive. I still have the slowness, but I guess I should start with getting rid of the RemAdm-ProcLaunch!171 and ComboFix for starters!
    Any Help is Greatly Appreciated
    Thanks
     
    tkhent, Nov 21, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    False detections by McAfee of files being used by ComboFix. NirCmd is not a problem. Actually McAfee is more of a problem than NirCmd. ;)

    Download it to your Desktop again and then run the below.

    • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
    • "%userprofile%\Desktop\combofix" /u
      • Notes: The space between the combofix" and the /u, it must be there.
      • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    • Delete the C:\combofix folder from combofix (if it exists)
     
    Last edited: Nov 23, 2008
    chaslang, Nov 22, 2008
    #2
  3. tkhent

    tkhent Private E-2

    Hi,
    I receive the message: Windows cannot find C:\Documents and settings\Kathie\Desktop\Combofix

    I'm not sure if it matters, but I had earlier deleted (just by "delete" ) Combofix from my desktop. However it does exist directly under my C drive (not in Doc&settings). the path is C:\Combofix
     
    tkhent, Nov 22, 2008
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You need to redownload the combofix.exe file directly to your Desktop and then run the uninstall command.
     
    chaslang, Nov 23, 2008
    #4
  5. tkhent

    tkhent Private E-2

    Okay, I will do that.
    If I reinstall to the desktop then uninstall the the esktop combofix - will that desktop unistall also remove the combofix that is C:\ConboFix or just the combofix on my desktop?
    Just wondering.
    Thanks for your help
     
    tkhent, Nov 23, 2008
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Just see my uninstall instructions ;) especially the last line.
     
    chaslang, Nov 23, 2008
    #6
  7. tkhent

    tkhent Private E-2

    where are your instructions?
     
    tkhent, Nov 23, 2008
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    In message number 2 of this thread. ;)
     
    chaslang, Nov 23, 2008
    #8
  9. tkhent

    tkhent Private E-2

    whoops, sorry.
    I did...and everything is gone.
    Thanks for you help.
    You guys are awesome!
     
    tkhent, Nov 23, 2008
    #9
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
    chaslang, Nov 23, 2008
    #10
  11. tkhent

    tkhent Private E-2

    I'm back, as I noticed that SUPERantispyware is in my Program Folder. Should I reinstall it and uninstall it again? I'm still getting the false positive on nircmd from McAfee. Is there a way to get rid of that file also. It's just a nuisance.
    thanks for your help.
     
    tkhent, Nov 27, 2008
    #11
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I assume you mean you have already uninstalled it and the folder remains. If that is true then just delete the folder.

    Just delete the file it is referring to. Is it c:\windows\system32\nircmd.exe? Or is it something in System Volume Information which is System Restore? Nothing can clean System Restore. You need to disable system restore and then reenable it to clean things from there.
     
    chaslang, Nov 28, 2008
    #12
  13. tkhent

    tkhent Private E-2

    Thank you so much for all your patience and help!
     
    tkhent, Nov 29, 2008
    #13
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
    chaslang, Dec 1, 2008
    #14

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds