Stubborn Garda virus

fitzcoff

everything seems fine with it.

Should I do anything else to try prevent it happening and wrecking your head again

ASJ112

what internet browser is used on the machine ?


also install malwarebytes on it

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

carzony

Just got my computer sorted, Left it in with a mate and it's perfect now

fitzcoff

ASJ112 wrote: »

what internet browser is used on the machine ?


also install malwarebytes on it

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

I think he normally uses crome, but not 100% on that.

I have malwarebytes put on and Jave needed updating (reading back on the thread I see some people were saying this might be an access point)

ASJ112

yeah probably was, install this program, run it and update everything it says needs updating

http://www.filehippo.com/updatechecker/


if they use chrome, install this extension

https://www.ghostery.com/download


also update mbam and run a quick scan if you still have access to the PC. That's bout it.

fitzcoff

ASJ112 wrote: »

yeah probably was, install this program, run it and update everything it says needs updating

http://www.filehippo.com/updatechecker/


if they use chrome, install this extension

https://www.ghostery.com/download


also update mbam and run a quick scan if you still have access to the PC. That's bout it.

My Dad collected it a while ago but I'll call over tomorrow and do the above.

thanks again

Ashbourne hoop

Is this the virus you're all talking about ? If so, can anyboy give me instructions how to get rid, in the simplest layman terms if possible. Currently downloading AVG on other user profile. When I run this will that work ?

edit: Cant upload pic on the pc but it has Ireland's national police service on it

ASJ112

can you log into the pc in normal or safe mode ?

Ashbourne hoop

Can log on to other users profiles as normal and only safe mode in my own.

ASJ112

can you run this on the infected account

download and run combofix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ashbourne hoop

ASJ112 wrote: »

can you run this on the infected account

download and run combofix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

I'll try and see if I can and I'll let you know how it goes. Cheers

Ashbourne hoop

ASJ112 wrote: »

can you run this on the infected account

download and run combofix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Actually couldnt do that. Running avg on affected account now. Will that work do you know ?

ASJ112

might do, post the avg log before you let it fix anything


also try this for combofix, rename it to "explorer.exe", does it run then ?

Ashbourne hoop

ASJ112 wrote: »

might do, post the avg log before you let it fix anything


also try this for combofix, rename it to "explorer.exe", does it run then ?

Ok it didn't work. Can't get onto Internet in safe mode on infected account to-download and run anything. Any ideas ?

fruitman

Got Norton anti virus on computer when bought, will this catch these virus?

Ashbourne hoop

fruitman wrote: »

Got Norton anti virus on computer when bought, will this catch these virus?

I have norton antivirus and still got it

fruitman

What would you put on aswell as norton to stop it?

Ashbourne hoop

ASJ112 wrote: »

can you run this on the infected account

download and run combofix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ran this. It's now offering me a sale items. Do I need to buy this ?

Ashbourne hoop

Ashbourne hoop wrote: »

Ran this. It's now offering me a sale items. Do I need to buy this ?

Got as far as PC stability level which is near the bad side of bar and tells me I need to buy a download. Is this purchase necessary ? Don't mind if it is to get rid tbh

ASJ112

combofix is free so not sure why its asking you to buy something.

can you go into safe mode and run combofix. Also are you sure you downloaded combofix and not something else ?

Diairist

Is this the garda one that says you'll be convicted as a kiddy offender? With the pictures of Her Majesty's police?

I ahd to bring my pc to someone who did the whole malware thing but a few icons disappeared.

Ashbourne hoop

ASJ112 wrote: »

combofix is free so not sure why its asking you to buy something.

can you go into safe mode and run combofix. Also are you sure you downloaded combofix and not something else ?

Got rid of it using the download on the met police website. Should I be doing something to try make sure it doesn't come back ? Thanks for your help btw

ASJ112

install malwarebytes, update it, run a quick scan with it

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

corm500

I too have this bloody virus. I downloaded hit man pro to a USB flash stick, but my pc does not have USB set up as one of its bootable drives. I can not open the pc even in safe mode as the virus screen is in that too so I need something that will kill it from boot. Is there any way of getting hit man to boot from a cd? Or is there any other cd based program that I can use to boot from?

ASJ112

do the step in post #2 here

http://www.geekstogo.com/forum/topic/288388-unbootable-system-tutorial/

mp22

Just a update to this.A friend dropped in there laptop last night locked up with the ukash virus.Samsung laptop on win 7.

Steps taken enable hidden admin account using trinity rescue kit,install malwarebytes run a full scan,did not remove the virus.Installed avast set it to do a boot scan 4 hours later all sorted.

frash

My sister dropped off her laptop with this virus on it earlier this week and I removed it using some Norton Rescue tool that I had to hand.
All good I thought but now she's saying that she can't connect to her wireless network - it's not seen at all.

Anyone else seen this?

jimmurt

I'm after getting rid of it by doing a system restore.

However, it's getting a message saying this version of windows is not genuine at the bootm right hand corner of the screen.

Is this something I should be worried about?

Lelantos

jimmurt wrote: »

I'm after getting rid of it by doing a system restore.

However, it's getting a message saying this version of windows is not genuine at the bootm right hand corner of the screen.

Is this something I should be worried about?

Did you enter a genuine Windows product key? If so, you shouldn't get this message, if you used a keygen you will see this message constantly until it's rectified

iggy

Got rid of this nasty bugger today.
Ran hitman pro on use stick and deleted the Skype.dat file.
I was able to run malware bytes then.
It wouldn't allow me enter safemode, it would just shutdown laptop.
Hopefully it's gone for good.