Gimemo Trojan - How to remove

Gimemo Trojan

Gimemo Trojan is one of the ransomware trojans displaying various fake police and official institution alerts claiming that PC owner violated some law. Typically, the alerts displayed accuse the person with downloading copyrighted content or watching pornography. Most of these messages are not original and shared by other malware families, thus it is nearly impossible to distinguish some versions of Gimemo trojan by text or design alone. FBI ransomware version or Canadian Mounted Police ransomware version are shared with other police virus trojans. Some of Gimemo trojan designs are used by this trojan though.
Gimemo Trojan enters the system through exploit pages or is used to make money from PCs already infected with malware. The trojan does not display any warning prior installation. The most typical sing of this family is the way malware is launched on each PC reboot. There is no gap between user logging in and warning screen loading, which would indicate other ransomware family. You will also see the locking screen in safe mode with networking and blank screen in safe mode. This is because Gimemo Trojan always replaces the way login to Windows works. This makes this parasite tough to get rid of.
Gimemo Trojan can still be removed, and there are several options to do so. The most easy way is on systems where one user account is infected only. This requires system scan with anti-malware programs like spyhunter from other account. In the most cases, alternate OS scanner would cure infected system too.
If you have no unaffected system user accounts, there is a longer way.
1. Reboot into safe mode with command prompt. Gimemo Trojan should not be launched there.
2. Run regedit. Search for Winlogon.
3. There will be a key labeled Shell under Winlogon. It should reference Explorer.exe or be blank. If there is something else referring an executable in one of users folders, replace it with explorer.exe.
4.Save changes, reboot to safe mode with networking.
5. Run msconfig and disable all unnecessary startup entries. You should be able to reboot normally.
6. Install and run https://www.2-viruses.com/downloads/spyhunter-i.exe. Scan with it the PC and delete the Gimemo trojan executables it finds.

Automatic Malware removal tools

Download Spyhunter for Malware detection
(Win)

Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions,

Download Combo Cleaner for Malware detection
(Mac)

Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy ,

Manual removal

2 responses to “Gimemo Trojan

  1. I tried the above to remove this Trojan from a laptop but it doesn’t work. Any other suggestions?

    Thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *