VBS_GEDZA.A(1)

Discussion in 'malware problems & news' started by goofyfoot, Jun 20, 2005.

Thread Status:
Not open for further replies.
  1. goofyfoot

    goofyfoot Registered Member

    Joined:
    Jun 20, 2005
    Posts:
    6
    Location:
    UK
    Hello
    I have been infected with VBS_GEDZA.A(1) and it is sitting in my PQSC file. I have used Panda online scanner, trend micro housecall, stinger and my own AV program AVG pro 7. None of them have been able to remove it, I can't remove it manually and I cannot get into my registry, if I type regedit in the run field I get an error message that it "must now close".
    How can I remove this please?
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
  3. goofyfoot

    goofyfoot Registered Member

    Joined:
    Jun 20, 2005
    Posts:
    6
    Location:
    UK
    :'( Hi Ronjor
    I followed all the steps and am still left with trojan horse diallers in my PQSC files.
    Nothing seems to shift them, they are detected by AVG and trend micro but cannot be removed as they are archived and embedded.

    Also I cannot fix my registry as it displays an error message if I run a registry fix-it type program, or if I try to run regedit.

    Any ideas?
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
    Have you tried the TrendMicro tool? TrendMicro
     
  5. goofyfoot

    goofyfoot Registered Member

    Joined:
    Jun 20, 2005
    Posts:
    6
    Location:
    UK
    Yes Ronjor
    Trend micro online scanner and panda online scanner. they detected the trojan but would not delete or disinfect it. o_O
     
  6. goofyfoot

    goofyfoot Registered Member

    Joined:
    Jun 20, 2005
    Posts:
    6
    Location:
    UK
    Also did the trend sysclean - would not clean/disinfect :(
     
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
  8. ravin

    ravin Registered Member

    Joined:
    May 2, 2003
    Posts:
    241
    Location:
    South Carolina
    I've tried this with success in the past. download avast free edition which has a boot time scanner. boot into safe mode and install it there. upon install when it asks to schedule boot scan select yes and reboot anything found you will be notified. afterwards go back into safe mode and unistall the free version.
     
  9. goofyfoot

    goofyfoot Registered Member

    Joined:
    Jun 20, 2005
    Posts:
    6
    Location:
    UK
    Thanks Ron and Ravin
    will do both and keep you posted as to outcome
    Many thanks
    Goofyfoot :)
     
  10. goofyfoot

    goofyfoot Registered Member

    Joined:
    Jun 20, 2005
    Posts:
    6
    Location:
    UK
    Well I d/l avast and ran a scan, it found a few viruses (false alarms-panda av files),I also ran tds-3 again.I re-did the housecall online scan and it tells me I am clear of viruses.

    I am however still unable to get into my registry. :(

    I will now re-install avg to test the files that were infected...
     
  11. ravin

    ravin Registered Member

    Joined:
    May 2, 2003
    Posts:
    241
    Location:
    South Carolina
    Don't forget to update the definitions database in avast before rescanning. In case you haven't done so allready.
     
Loading...
Thread Status:
Not open for further replies.