Internet Security News & Views

The Real Worms of Recent Facebook Scams – Worm:Win32/Gamarue.I

A “worm” is a type of malware that covertly and maliciously integrates itself into program or data files, and infects more files each time the host program is run.

Omniquad’s Mailwall Remote team has been analyzing the malware found in the most recent wave of Facebook email scams. They intercepted the malware as Worm:Win32/Gamarue.I

How does Worm:Win32/Gamarue.I affect your system?

Malicious computer worm infection that make use of vulnerabilities of network channel to infect computers.

Once installed, it may disable security software, block security-related online services and add dangerous payloads onto the infected computer system.

It even takes up large amount of system space to slow down PC performance. The worm infects many system files by attaching itself and rewriting files names.

It makes the computer abnormal and system unstable.  This infection will change your registry settings and other important windows system files.

If it is not removed it can cause a complete computer crash.

Some infections contain trojan and keyloggers which can be used to steal sensitive data like passwords, credit card, bank account information etc. So it is very important to remove as early as possible before it steals your information.

Remove it immediately before it starts wreaking havoc on the system.

How to remove Worm:Win32/Gamarue.I

1. Restart the computer in safe mode (press and hold the F8 key as the computer restarts, and then select “Safe Mode” on the boot menu).

2. Delete the file:

<%Documents and Settings%>\<%User%>\svchost.exe

3. Delete Registry Entry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched

4. Clean the folder:

%Temp%

5. Clean the Temporary Internet Files folder, which contains infected files.

6. Install the latest Windows updates.

7. Run a full scan of your computer using the Antivirus program with the latest updated definition database.

– Omniquad Mailwall Remote Team

Tagged as: , , , , , , , , , , , , ,

1 Response »

Trackbacks

  1. Facebook Email Scam warning – “your friend added a new photo” | Omniquad Security Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow blog to be notified of new posts by email.

Recent Comments

Sunrise104 on MovieStarPlanet – Not ju…
%d bloggers like this: