Stubborn Garda virus

iggy wrote: »

Got rid of this nasty bugger today.
Ran hitman pro on use stick and deleted the Skype.dat file.
I was able to run malware bytes then.
It wouldn't allow me enter safemode, it would just shutdown laptop.
Hopefully it's gone for good.

HI, mine keeps shutting down also in safe mode, how do I run the usb before if shuts down? Have Hitman Pro on the usb, Thanks

CHLuke wrote: »

Hi all,
Just wanted to thank the posters who gave some information on how to remove this virus for 'non-techies', really helped out.

Just in case others have encountered this, I found that when I ran the anti-malware, a programme that called itself 'MSConfig' was left over and ran at start up. Once I figured out this wasn't the legit MSconfig and 'ticked it' not to run at start up I had no further problems with it. I think I'll have to go and actively delete it now, but was confused for a while as to why msconfig was giving problems.

Thanks again,
CHLuke

Hi,
I had this as well and found that it had installed a startup task called msconfig that ran a window exe using a .dat file in the application data directory. I disabled the task and ran mbam, spy bot and ccleaner. On normal restart, I downloaded and ran combofix and it deleted another few .dat files. It's a bit of a bugger to fix (I had it fixed when I inadvertently ran the msconfig link thinking it was the normal msconfig, der) but you should be able to fix it without taking it to the repair guy.
Thanks for the help,
Art

My question is - what sites were people visiting and HOW do they end up contracting this virus?

I don't have it, just wondering where it comes from..

Yo

I got the same virus last night., My first virus ever in over 15 years of home computing : /

Dropped my firewall and my anti virus protection on my main pc, trying to resolve an internet connectivity issue on my laptop. Was google hoping trying to find an solution ( had installed ubuntu onto my old laptop but couldnt get internet) and went to a site that said it had a solution then bang my PC restarted, and when I boot up the desktop this thing is locking me down.

I can boot into safe mode with networking so I can download things to remove it, just so far no luck.

Tried Malwarebytes which located some stuff and removed it, but virus is still present when I boot up into normal windows.
I ran spybot search and destroy and same thing.

Would appreciate some recommendations of tools that will remove it, and if anyone who got it, successfully removed it and what you did to do so.

I'm in work until this evneing but please reply, and I'll try everything when I get home and let you know how I get on.

I see a few things in here that looks positive, and I can fully boot into safemode with networking so hopefully can get it removed.

The disabling the Russian font looks like a good shout I didn't catch.

I'm worried that I ran two relatively strong anti-virus scanners which caught somes tuff, but then failed to remove it entirely.

Thanks,
Doc.

ppshay wrote: »

Trying to clean this at the minute. Booted to Kaspersky Rescue Disk first, no joy. Running Trinity now. Clam AV found some infections but not the Garda Virus. F-Prot found no infections. Running bit defender at now.

This is a slow process.

Can Hitman Pro run from CD?

Malwarebytes