Worm:Win32/Gamarue.I is a variant of the Gamarue worm that installs other malicious software onto your computer. Both spam e-mail messages and infected removable drives can be infection vectors for Worm:Win32/Gamarue.I, which is capable of creating new copies of itself and enabling these copies to launch on fresh computers automatically. Because Worm:Win32/Gamarue.I includes some advanced system changes and will conceal its components within normal Windows processes, SpywareRemove.com malware research team recommends that you use anti-malware programs to delete Worm:Win32/Gamarue.I – and, preferably, with a sufficiently in-depth scan that you can catch all copies of Worm:Win32/Gamarue.I, including those that are concealed on your PC’s removable drives.
Worm:Win32/Gamarue.I: a File with Unexpected Consequences Once You Open It
While other PC threats may, as always, install Worm:Win32/Gamarue.I without your permission, Worm:Win32/Gamarue.I usually infects new PCs via either e-mail, network-shared drives or removable drives. Malware researchers have examined these infection vectors as follows:
- E-mail spam may include installers for Worm:Win32/Gamarue.I. These installers will be disguised as supposedly beneficial files, but when launched, will continue through Worm:Win32/Gamarue.I’s hidden installation process.
- Worm:Win32/Gamarue.I also is capable of copying itself to removable devices, such as writable CDs or your USB thumb drive.
- If you share locations of your hard drive over a local network, PCs that access this network also are in danger of being infected by copies of Worm:Win32/Gamarue.I. The infection procedures are identical to those abused in Worm:Win32/Gamarue.I’s removable drive-based attack.
Worm:Win32/Gamarue.I changes the Registry in ways that allow Worm:Win32/Gamarue.I to launch with Windows. Worm:Win32/Gamarue.I also is a multiple-component worm that conceals many of its files with misleading names and injects others into the memory processes of normal Windows components. This allows Worm:Win32/Gamarue.I to hide itself from any chance of visual inspection.
The Unpleasant Contents of the Conversation When Worm:Win32/Gamarue.I Calls Home
Once Worm:Win32/Gamarue.I has successfully infected a new PC, Worm:Win32/Gamarue.I attempts to communicate with a remote server and report the infection. Afterward, Worm:Win32/Gamarue.I may use this server to install other types of malware, with potential payloads including rogue anti-malware programs, browser hijackers, spyware and other PC threats.
Because Worm:Win32/Gamarue.I can create duplicates of itself and conceal these copies in a variety of locations, SpywareRemove.com malware research team particularly recommends that you use thorough anti-malware scans for removing Worm:Win32/Gamarue.I infections from your computer. Original versions of Worm:Win32/Gamarue.I were detected as long ago as the middle of last year, but new variants of Worm:Win32/Gamarue.I also have been spotted very recently. Updated anti-malware products, therefore, should be considered essential for identifying and removing Worm:Win32/Gamarue.I completely.
W32/Jorik_Steckt.BC!tr [Fortinet]a variant of Win32/Kryptik.AQCX [ESET-NOD32]Win32.Troj.Jorik.(kcloud) [Kingsoft]Trojan.Win32.Jorik (A) [Emsisoft]Worm/Gamarue.I.355 [AntiVir]Trojan.Kryptik!glMQeKCPq6s [Agnitum]Trojan.Win32.Jorik.Steckt.bc [Kaspersky]Win.Trojan.Agent-20637 [ClamAV]TROJ_SPNR.14LB12 [TrendMicro-HouseCall]Trojan.Win32.Banker.bdwhdo [NANO-Antivirus]
More aliases (2498)
Worm.Gamarue.I Automatic Detection Tool (Recommended)
Is your PC infected with Worm.Gamarue.I? To safely & quickly detect Worm.Gamarue.I, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect Worm.Gamarue.I What happens if Worm.Gamarue.I does not let you open SpyHunter or blocks the Internet?
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
- The following files were created in the system:
Posted: July 20, 2012 | By SpywareRemove
Threat Level: 5/10
Rate this article:
Detection Count: 876