Author Topic: Virus Help (Read 1737 times)

T_J_G · « **on:** 16 February 2012, 22:12 »

Right I'm not totally up to speed on Windows but it seems our laptop has got a trojan. Spybot picks it up as a WIN32 GEMA but won't remove it. I tried to download AVG but it comes up that my security settings on browser don't allow this

When a search on google is done and we click a link it'll forward us to ebay or adultfriendfinder.com.

I'm running Spybot in administrator mode see if that'll kill it...any ideas people?

richw911 · « **Reply #1 on:** 16 February 2012, 22:14 »

Remove it in safe mode

bobbarley · « **Reply #2 on:** 16 February 2012, 22:16 »

AVG might work. It's free too.

Jay · « **Reply #3 on:** 16 February 2012, 22:21 »

Check my blog in my profile, I hastily wrote a post not so long ago about removing viruses

Lots of viruses are modelled around the same lame tactics and in most cases easier to remove thanks to this lameness.

T_J_G · « **Reply #4 on:** 16 February 2012, 22:33 »

Quote from: bobbarley on 16 February 2012, 22:16

AVG might work. It's free too.

Downloading now.

Jay read your blog but to be honest most of it went over my head. Does the taskill stop the virus from being used and therefore can be removed easier?

Jay · « **Reply #5 on:** 16 February 2012, 22:40 »

It stops the virus program running, if you've told taskkill to kill the correct program that is. Also depends on a few things, the virus could be running in multiple processes (program names like zxcv.exe or asdf.exe) so you'll need to kill all, or boot into safe mode - most viruses don't / can't run in safe mode.

It is a bit of a mess and I need to tidy it up, I just has inspiration late at night and rambled on

T_J_G · « **Reply #6 on:** 16 February 2012, 23:01 »

It's kind of useful but I'm not too clued up on Windows.

I've taskkilled IE and doing another spybot search? If not reboot into safe mode and remove through Spybot that way?

clipperjay · « **Reply #7 on:** 16 February 2012, 23:08 »

Hijack this kill the process
run malware bytes
Get doggy and search for other files that contain those for mentioned virus names then manually delete the other files!
Done

T_J_G · « **Reply #8 on:** 17 February 2012, 00:33 »

Right done a hijack this jsut no idea what it means!

clipperjay · « **Reply #9 on:** 17 February 2012, 09:16 »

You need to seperate normal processes from a active virus you can click on each item it finds to establish if Hijack this thinks its normal. The tricky part is establishing what its doing, but safe bet get Malware bytes get trial version of Pro to clean up the comp, but sometimes the virus is clever enough to stop installs which is why you need hijack this to stop it in its tracks before wiping it out! Read the guides for Hijack this or print a copy of what it finds on here if you can?

GolfGTIforum.co.uk

Author Topic: Virus Help (Read 1737 times)

T_J_G

Virus Help

richw911

Re: Virus Help

bobbarley

Re: Virus Help

Jay

Re: Virus Help

T_J_G

Re: Virus Help

Jay

Re: Virus Help

T_J_G

Re: Virus Help

clipperjay

Re: Virus Help

T_J_G

Re: Virus Help

clipperjay

Re: Virus Help