Remove Gemel. Description and removal instructions

Title: Gemel
Type: Worms	Severity scale: (67 / 100)

Gemel is an Internet worm that spreads via ICQ messages and through file sharing networks using popular peer-to-peer applications. The parasite deletes several essential Windows components such as the Task Manager and System Configuration Utility. It erases the command.com file that is needed to boot some versions of Windows OS. Gemel creates infected files with meaningful names and drops them into shared folders of Kazaa, Grokster, Morpheus and ICQ programs. This is done in order to trick other users into downloading and running malicious files. The worm also attempts to create an infected executable on a floppy disk. Gemel runs on every Windows startup.

FORUM:
Discuss Gemel in
spyware removal forum

Gemel properties:
• Hides from the user
• Stays resident in background

Automatic Gemel removal:

remover for Gemel

Gemel manual removal:

Kill processes:
gedzac.exe, zacker.exe

HELP:
how to kill malicious processes

Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gedzac
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zacker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Gedzac
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Zacker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RegisteredOrganization=Gedzac
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RegisteredOrganization=Zacker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RegisteredOwner=Kuasanagui
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Winnt\CurrentVersion\RegisteredOrganization=Gedzac
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Winnt\CurrentVersion\RegisteredOrganization=Zacker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Winnt\CurrentVersion\RegisteredOwner=Kuasanagui

HELP:
how to remove registry entries

Delete files:
gedzac.exe, zacker.exe

HELP:
how to remove harmful files

Delete directories:
C:\Windows\Guindows
C:\Winnt\Guindows

Other programs to remove Gemel:

• Malwarebytes Anti Malware - Review - Download
• Malwarebytes Anti Malware - Review - Download
• Windows Defender - Review - Download

Information added: 19/03/04
Information updated: 01/10/05

Additional resources related to Gemel:

Attention: If you know or you have a website or page about Gemel removal, feel free to add a link to this list: add url

Post Comment:

Attention: Use this form only if you have additional information about Gemel parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Latest spyware news:

Rogue security applications impersonate leading anti-virus manufacturers

Attack of Waledac Worm is schedulled on July 4

Another Parasite Attack Spreads Via Twitter

Free security product vets Twitter links

Mac trojan targets game sites to infect users

Security Threat at Fanny Mae

Some web sites to avoid for today

British Government will track all e-mail's

YOUR SISTER NAKED LOLZ com

“intervalhehehe” popup

Subscribe to news

Similar parasites:

IRC-Worm.Bildan.b

I-Worm.Donghe.c

W32.Backdoor.Nibu

Compare spyware removers
Compare free products

HijackThis Log Analyzer Beta 2

HijackThis Log Analyzer Beta 2

Latest Spyware Threats: VirusProtect Pro | VirusLocker | SpyCrush | ContraVirus | SpyLocked | SpyDawn | AntiVerminser | SpywareQuake | VirusBurst | AntiVermins | AntiVermeans | Zlob | PopCorn.net | MovieLand | TagASaurus | BraveSentry | VirusBurster | SystemDoctor | VirusRescue | MalwareWipe | SpySheriff | CmdService | Smitfraud | SpywareStrike | WinFixer | WinHound | PestTrap | UnSpyPC