Unfortunately, I was unable to do this. I told you that I had renamed ComboFix.exe to garbage.exe because the rootkit was preventing it from running. Long after it had run, I renamed the file back to ComboFix and moved it to a directory along with some other malware removal programs we used. Before trying to uninstall it, I moved it back to its original location on the desktop and tried this command, but got a Windows error message stating that Windows cannot find 'ComboFix'. Make sure... I tried renaming the file to garbage.exe and typing garbage /Uninstall, but got the same error message.muppy03 wrote:Uninstall ComboFix:
- Click on Start >> Run...
- Now type in ComboFix /Uninstall into the and click OK.
- Note the space between the X and the /Uninstall, it needs to be there.
The above procedure will implement some cleanup procedures as well as reset System Restore points
I manually deleted Dial a fix and System look and then ran the OTM Cleanup. After the reboot, Combofix/garbage was gone as well, so I don't know if some cleanup functions did not get run. There are some directories and files remaining that were a part of this process. Can I re-install ComboFix and run the cleanup, or is there a way to finish up other than manually deleting things? The following directories and files remain and look like they could be deleted (and resulted from running ComboFix):
- C:\Config.Msi\10a4c5.rbs
- C:\garbage\NircmdB.exe
- C:\garbage10669g\mbr.txt
- C:\garbage10669g\CF17292.cfxxe
- C:\garbage10669g\mbr.cfxxe
I expect that there may be others as well. I assume that the System Restore Point has not been reset either. Sorry for the complications.