RootsChat.Com
General => Technical Help => Topic started by: Jomot on Sunday 07 January 18 02:48 GMT (UK)
-
My virus scanner has identified the above but has not been able to remove it.
I've googled and found a site telling me how to remove it, but it involves playing around in the registry, which I don't think I feel confident enough to do.
Can anyone please advise how bad this is, and whether there is another way to remove it?
Thanks
-
Hi
What anti-virus are you using?
There are some additional "options" here . . . . .
https://antivirus-blog.com/removal-guides/remove-genvariant-msilperseus-19245-virus-removal/
Ray
-
Thanks, I'll probably try that this afternoon.
I'm using F-Secure. Not sure how I ended up with the trojan though as I'm usually very careful.
-
Try Malwarebytes - it's free but just be careful during installation that you don't select the premium trial option.
https://www.malwarebytes.com/
-
Thanks - that's also what was suggested in Ray's link.
I ran it this afternoon & nothing was detected so I don't really know what's going on. Looking at the original F-Secure report there's some reference to FreeReg (I transcribe for them), although I haven't opened any of those files since before Xmas and have had several 'clean' scans since then. I was planning to re-start transcribing next week, but now I'm nervous.
It's still sat in the F-Secure quarantine area - can/should I just delete it from there?
-
Hi
I'd talk to the tech staff at the website you are using . . . . .
I can only say that, if it were me, I'd delete everything in quarantine.
Ray
-
It's still sat in the F-Secure quarantine area - can/should I just delete it from there?
Yes.
-
:)
That's 2x votes
:)
Once deleted, then run your own antivirus again.
THEN reboot
Then download and run
http://www.microsoft.com/security/scanner/en-us/default.aspx
Then reboot immediately after
Then ( guess what? )
Rerun antivirus and reboot, until you get no warnings
( ie Get a clear run between 2 consecutive boots )
Ray
Possible (more recent) replacement for above . . . . .
https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx
-
Hi
So what did they say?
Cheers!
Ray
-
Sorry, I must have missed the notification emails for this thread - on top of everything else I've had this cold/flu thing that's been doing the rounds so my head is a little befuddled!
I've deleted the quarantined items and re-run the anti-virus, which was clear. I'm dying on my feet so will do the other stuff tomorrow. Thank you for your help so far, and again, apologies for the tardiness in replying.
-
Hiya!
[ Hope you feel better soon ]
I have contacted Freereg on your [ Our :) ] behalf, explained potential problem. Let's see what they say?
There does seem to be a number of different "interface" websites for their communications.
Ray
-
Thanks. After almost 11 hours of well needed sleep I'm feeling a little more human today!
I'm running the Microsoft scanner now but it looks like it may take a while as I opted for the full scan rather than the quick.
I don't think FreeReg has much in the way of technical support, but for now I won't open any of the transcription files etc.
-
Just a quick update.... it hasn't been a good day!
The Microsoft program didn't find anything so I restarted and ran the F Secure scan as instructed. This still found a harmful file but got stuck at 84%, and the only way to stop the scan was to re-start the laptop (the normal 'stop' button wouldn't work).
This happened a couple of times so I was advised to uninstall & reinstall F Secure, which I did - only now there's nothing harmful being flagged but it gets stuck at 99% & can still only be stopped / closed by a full re-start. Unfortunately the helpdesk is now shut so it will have to wait until tomorrow.
The file it keeps getting stuck on is C:\SWSETUP\APP\Applications\Cyberlink\Powermedi_MM.../ACBDWrapper.dll, but Cyberlink came pre-installed on the laptop and I removed it, so I'm more confused than ever!
-
It just keeps getting better & better (not).
Spent more than 2 hours talking to F Secure, who gave up & blamed Microsoft. Microsoft said nothing to do with them but created a second profile on my laptop, copied all my files over then waved goodbye.
The problem still isn't fixed so I still can't complete a scan, but I now have 2 profiles & no idea how to revert to just the original one.
Looks like another marathon session on the phone tomorrow, but for now I need vodka. Lots of it!
-
It seems that we cannot contact each other ???
I got the response following . . . . .
Ray
=====================================
Dear - Thank you for bringing this to our attention. I have raised the issue with our development team and will keep you apprised. We may need some more information from the person who made the original post; could you ask him to drop a quick email to info@freeukgenealogy.org.uk if you are so inclined?
Kind regards
The Communications Team
On Mon, Jan 8, 2018 at 8:39 PM, <freereg-contacts@freereg.org.uk> wrote:
Dear
Thank you for your correspondence at 20:37 on 2018-01-08. Please quote the following number 95373581 in any subsequent communication with us on this matter.
-
Thank you Ray
I'm on with Microsoft now to reverse whatever they did yesterday, then it's back to F Secure, then I'll contact FreeReg.
Appreciate your help.