Click on screenshot to zoom
Danger level 9
Type: Malware
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Changes background
  • Connects to the internet without permission
  • Shows commercial adverts
  • Annoying Pop-up's

GEMA virus

GEMA Virus is a malicious infection that gets into your computer via a drive-by download. It is commonly delivered by Trojans and other types of computer threats. GEMA Virus is categorized as ransomware which means that it holds a computer "hostage" until user pays ransom fee. GEMA Virus infects users who have German IP address. Upon the infection the malware "reads" the IP address and determines which version of this ransomware it is supposed to install on the affected computer.

There is more than just one version of this infection. GEMA Virus belongs to Ukash virus family, and it has at least 30 different ransomware versions. These threats display fake security messages that are marketed to over 15 countries in more than 10 languages. GEMA Virus is also just one of a few infection variants intended for the German speaking users. Aside from GEMA Virus there is also Ihr Computer wurde gesperrt!, GVU Virus, BUNDESPOLIZEI National Cyber Crimes Unite Virus and others.

However, despite the fact that they have different names, GEMA Virus and other Ukash infections function the same - they block the user from accessing his desktop by displaying a fake message across the computer screen. The message seems to be legitimate and sent from the lawn enforcement authorities, but that is not true. Thus, you should never trust the following:

Der Zugang zu Ihrem Computer wurde gesperrt.

Auf Ihrem Computer wurden illegal heruntergeladene Musikstücke ("Raubkopien") gefunden.

Der Download von urheberrechtlich geschützen Musikstücken durch das Internet oder einer Musiktauschbörse is illegal un wird gemäß #106 Urhebergesetz mit Geldstrafe oder Freiheitsstrafe von bis zu 3 Jahren bestraft.

Um die Sperre aufzuheben und weiteren Strafrechtlichen konsequenzen aus dem Weg zu gehen, sind Sie verpflichtet eine Mahngebühr in Höhe von €50,- zu bezahlen. Zahlbar durch unseren Payment-Partner Paysafecarad. Nach erfolgreicher Bezahlung wird Ihr Computer automatisch entsperrt.

The content of the message above isn't that hard to understand - GEMA virus accuses you of downloading music files illegally and you might face an imprisonment sentence of up to 3 years for what you've "done". However, GEMA Virus also offers you to bail out of this by paying a 50 Euro fine. It should also unlock your computer, but that will never happen. You have to understand that the message is not real and GEMA Virus does not have anything to do with the law enforcement authorities. It will never unlock your computer unless you remove the threat yourself:

1. Restart your computer and press F8 while the system boots.
2. System boot menu will appear. Choose Safe Mode with Networking and press Enter.
3. When the system loads, access the Internet and download SpyHunter.
4. Install SpyHunter and remove GEMA Virus.

For Windows XP:

1. Follow the steps above from 1 to 3.
2. Open Start menu and launch RUN.
3. Enter "msconfig" and hit Enter.
4. When System Configuration menu loads, click the Startup tab and uncheck all the programs on the list. Click OK and exit the menu.
5. Restart your computer in Normal mode and install SpyHunter.
6. Launch SpyHunter and remove GEMA Virus from your computer.

Download Spyware Removal Tool to Remove* GEMA virus
  • Quick & tested solution for GEMA virus removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove GEMA virus

Files associated with GEMA virus infection:

ImageManager.exe
ImageReady.exe

GEMA virus processes to kill:

ImageManager.exe
ImageReady.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.