Information Security

How To Remove GimmieAnswers Spyware Virus, TDLS Alias Alureon

Earlier today a client called and said he had a virus or some spyware on his computer that could not be removed. The client was remote, so I had to log in to his computer to investigate. I used the typical tools such as Malwarebytes and Microsoft Security Essentials, but the issue still existed. It seemed as if the computer had a proxy server configured, but the proxy did not show underneath Internet Explorer connection settings or in any of the other browsers. It didn’t happen all of the time, but every now and then a pop-up window would appear for the site and some other pop-ups regarding “Daily Giveaway Contests” were also displaying. Below is more information on how the issue was resolved.

Technology Insights

Microsoft Security Essentials Unable To Remove Trojan:Win32/Dursg.C Found In lsass.exe

A client called me today saying that a computer I had recently removed the Personal Security Virus from now appeared to have another virus. I was surprised by this since I had left Microsoft Security Essentials installed and active. My first thought was that he must have disabled the virus software; however, when I started looking at the laptop, this was not the case. Below I describe the steps I took that were unsuccessful in removing the Trojan:Win32/Dursg.C, as well as what I finally did that resolved the issue.