# Can't remove Trojan win32 gen upx



## jaegerdog (Jan 31, 2008)

I ran a scan with avast and 7 Trojans popped up. One was in,
C: old docs\ctrl_downloads\combofix.exe\catchme.cfexe
The other 6 were in
C:system volume information\...catchme.cfexe
I tried to move them to the chest and tried to delete them, but was met with errors in each attempt
I don't know much about computers, and I would really appreciate any help!


----------



## AndreaACME (Feb 4, 2008)

You should note the names of the trojans you're AV signals you.
Then you use the internet (if you can, otherwise use a friend's computer to go on internet) to search for a virus/trojan removal tools. 1 virus type = 1 removal tool
Do this for every virus you find and you should be on the safe side.

Alternatively you can try and remove them manually but .... as you say that you are not very into computers, I would strongly advise the first option (above).

Semi-automatically you could always attempt to:

- Start up your system in "Safe Mode": reboot immediately keep pressing F8 until windows stops loading and asks you about the starting mode. Then run the AV again and this time you may be able to remove the trojan. This will have removed viruses from your C: drive in non-system directories.

- Disable system recovery from Control Panel, look for system recovery tab and select options to disable it's function on all drives. This will allow you to remove viruses from C:\system volume information. Now open a files and folders view (Start > Programmes > Accessories > Windows Explorer) and right-click on the C: drive > Properties then click on cleanup button. Select goto MoreOptions tab and then press Cleanup on the SystemRestore paragraph, confirm. DONE

To remove a virus successfully you need much more to know but ... this will at least do something about the files you mentioned in your post.

After completion of all these operations you can reboot and let windows load normally.
Just to make sure, run AV again in normal windows mode. Good luck!

Andy


----------

