mobogeni

Sandycheeks

Sandycheeks

Sandycheeks

Associate
Joined
30 Oct 2013
Posts
1,795
Anyone know how to get rid ?
I decided to scan sons pc whilst he was out as I can't rely on him to do this regularly and found 9 virus'
most were fixable but upon boot time scan I'm having problems with mobogeni.
Avast free / windows 7 pro.
 
First I run avast full system scan <threats found>
Then I uninstalled a load of junk programs
I then ran boot scan <problems found>
Then quick scan <no problems found>
Then TDSS killer <no threats>
Then Glary utilities 1 click maintenance
Then Malwarebytes quick scan <threats detected>
Then MB quickscan again <no threats detected>
Now MB full scan <threats detected>
 
Sandycheeks said:
Do I run all of them and in that order ?
Do I enable system restore afterwards ?
Thanks !
Click to expand...

I don't necessarily always run them in that order, in fact a better order would probably be:

Disable system restore
Run CCleaner
Malwarebytes
Super antispyware
ComboFix

Full scans on all of the above.

ComboFix last as it can be quite brutal, so you may want to check the state of the machine after Super antispyware. If you're happy it's gone then you could skip ComboFix. I've never had a problem with it myself and have run it on many client PCs, but it can be a bit aggressive sometimes (from what I've read).

Oh, and do the above scans in safe mode.
 
Last edited:
Show him some legit pr0n sites that you use, those free dodgy sites are virus ridden. ;)

Sometimes too many AV apps can be bad, stick to 1 or 2 good ones that do not conflict.
 
I carried out the list as per Craig321 s post and combo fix still found traces of mobogenie.
I have done this around 3-4 times to no avail.
I decided to do a clean install and came across this message;
"windows cannot be installed to this disk. The selected disk is not of the GPT partition style"
I have run gparted from a live cd and am now installing to that partition.

I have a 1tb drive with a 120gb partition for OS and the rest for everything else.
Question...If the virus / Trojan is on the other partition will it still be there after this ?

It emerges that my lad has downloaded a call of duty game from a torrent site (good advice from his mates) DOH !!!
 
jh30uk said:
Show him some legit pr0n sites that you use, those free dodgy sites are virus ridden. ;)

Sometimes too many AV apps can be bad, stick to 1 or 2 good ones that do not conflict.
Click to expand...

Yep, no good running active scanners at the same time, but no harm running multiple scans.

Sandycheeks said:
I carried out the list as per Craig321 s post and combo fix still found traces of mobogenie.
I have done this around 3-4 times to no avail.
I decided to do a clean install and came across this message;
"windows cannot be installed to this disk. The selected disk is not of the GPT partition style"
I have run gparted from a live cd and am now installing to that partition.

I have a 1tb drive with a 120gb partition for OS and the rest for everything else.
Question...If the virus / Trojan is on the other partition will it still be there after this ?

It emerges that my lad has downloaded a call of duty game from a torrent site (good advice from his mates) DOH !!!
Click to expand...
It's a persistent one!

Yes, the trojan would still be on the other partition after a format and reinstall, but it shouldn't be active. Just don't click it, run some full scans on that disk/partition and let it remove.
 
Yes..I think !
It was detected as a trojan.
When I tried to uninstall it I kept getting the message that it the file couldn't be removed as it was in use elsewhere.
I searched and deleted everything I could find that had any reference to it but the AV kept finding instances of it.
The boot scan showed numerous instances of it but when selecting to repair or delete it wasn't able to and was kind of stuck in a loop unless I chose to ignore it.

I'm in the frame of mind to format the whole drive....having to download all of his games over a couple of days might teach him to not neglect the AV scan and not download stuff from dodgy sites !

Thanks.
 
If you can't fix it, then just nuke the whole drive from orbit and then set up an account with minimal privileges so this kind of thing can't happen again.
 
You must log in or register to reply here.
Back
Top Bottom