Cannot eliminate trojan.gema

V

Virgil

I run windows XP and this morning my Norton AntiVirus informed me that I
have trojan.gema (as hvid.exe) and it cannot eliminate it; it isn't allowed
access. After going to the Symantec site I followed the instructions at:

http://securityresponse.symantec.com/avcenter/venc/data/trojan.gema.html

I have not been able to rid my laptop of hvid.exe. It is still showing up
at C:\WINNT\system32\hvid.exe.

Does anyone have any suggestions as to what my next step should be? Any
advice would be appreciated.
 
D

David H. Lipman

Virgil:

Go into the XP Safe Mode and perform a full scan of your platform and clean/delete any
infectors.

Dave



| I run windows XP and this morning my Norton AntiVirus informed me that I
| have trojan.gema (as hvid.exe) and it cannot eliminate it; it isn't allowed
| access. After going to the Symantec site I followed the instructions at:
|
| http://securityresponse.symantec.com/avcenter/venc/data/trojan.gema.html
|
| I have not been able to rid my laptop of hvid.exe. It is still showing up
| at C:\WINNT\system32\hvid.exe.
|
| Does anyone have any suggestions as to what my next step should be? Any
| advice would be appreciated.
|
|
 
V

Virgil

Virgil:

Go into the XP Safe Mode and perform a full scan of your platform and
clean/delete any infectors.

Dave



| I run windows XP and this morning my Norton AntiVirus informed me
| that I have trojan.gema (as hvid.exe) and it cannot eliminate it; it
| isn't allowed access. After going to the Symantec site I followed the
| instructions at:
|
| http://securityresponse.symantec.com/avcenter/venc/data/trojan.gema.ht
| ml
|
| I have not been able to rid my laptop of hvid.exe. It is still
| showing up at C:\WINNT\system32\hvid.exe.
|
| Does anyone have any suggestions as to what my next step should be?
| Any advice would be appreciated.
|
|
Click to expand...
Dave,

Thanks for the info. I did as you suggested and got rid of the hvid.exe via
Norton. Then at start up I got two boxes: one said windows couldn't find a
start up program hvid.exe and the second said it could not find hvid.exe
and I should remove it from the registry. I ignored these since I don't
want to go playing in the registry files without direction. I took the time
to use a utility to remove some programs from running at start up and the
warning boxes were gone.

I also noticed in my add or remove programs that I had a new Hvid icon! I
couldn't uninstall it since it wasn't there anymore and I certainly didn't
have it previous to today. I ran Ad-aware and Spybot earlier; neither had
found Hvid.

Anyway, thanks again for the help!

Virgil
 
K

kurt wismer

Virgil said:
I run windows XP and this morning my Norton AntiVirus informed me that I
have trojan.gema (as hvid.exe) and it cannot eliminate it; it isn't allowed
access. After going to the Symantec site I followed the instructions at:

http://securityresponse.symantec.com/avcenter/venc/data/trojan.gema.html

I have not been able to rid my laptop of hvid.exe. It is still showing up
at C:\WINNT\system32\hvid.exe.
Click to expand...

obviously you didn't actually carry out all the instructions on that
page... it tells you to reverse the changes that tojan.gema makes to
the registry and then restart... it even described earlier in the page
what those changes were... had you done that the trojan should not have
been running and you would not have gotten the "access denied" message...
Does anyone have any suggestions as to what my next step should be? Any
advice would be appreciated.
Click to expand...

from the other articles in this thread i see that you did finally get
rid of this, but still have some unwanted registry entries - revisit
the instructions on that page and you may be able to remove them...
 
V

Virgil

obviously you didn't actually carry out all the instructions on that
page... it tells you to reverse the changes that tojan.gema makes to
the registry and then restart... it even described earlier in the page
what those changes were... had you done that the trojan should not
have been running and you would not have gotten the "access denied"
message...


from the other articles in this thread i see that you did finally get
rid of this, but still have some unwanted registry entries - revisit
the instructions on that page and you may be able to remove them...
Click to expand...

I did follow the procedure as outlined as per the registry and in fact
tried it again when it didn't work, but hvid was gone from the registry
or at least the area I had previously been to. I must have made an error
somewhere. I'll look for them again.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Need help with trojan.gema 1
Trojan.Gema virus - Start Up Error 4
TROJAN.GEMA virus 1
Another TROJAN.GEMA virus question. 1
wminfo.exe missing 3
trojan.gema virus update 4
missing sndbass.exe file 1
w32.chod.d and the hosts file 7

Top