Trojan.Gampass.F
Your data is at risk if Trojan.Gampass.F is present on the computer. It does not only steal your private information but also uses them in other online unlawful act. Remove this Trojan now and guard your system with trusted anti-virus software.
Trojan.Gampass.F is a computer infection that steals confidential information once it enters the system. This Trojan also downloads and executes additional malicious file it collects from a remote server.
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Windows Vista
Characteristics
Once Trojan.Gampass.F hits the computer, it will drop a copy of itself under Windows System folder. Next, it will configure itself to run on Windows start-up by adding a registry at Winlogon. Apart from that, the virus may also delete and modify various registry subkeys that are very essential for its operation in endangering the PC further.
Another method to initiate the Trojan is to embed malicious code into the following legitimate and common processes:
- arad.exe
- explorer.exe
- Iexplore.exe
- lin.bin
- maplestory.exe
- ragexe.exe
- ragurdrexe.exe
- wow.exe
The Trojan also target to disable one particular security product. It will disable antivirus programs made by AhnLab.
As Trojan.Gampass.F reaches final objective, it will monitor web sites related to online games and steal user name and password from an infected computer. Lastly, it sends all gathered information to a predefined domain specifically created for the purpose storing stolen information.
Distribution
Trojan.Gampass.F typically arrives on the computer through another virus infection. Malicious web sites, illegal software downloads and unsecured file-sharing networks are among the second distribution channel for this Trojan.
If an antivirus program protects your computer, there is a chance that Trojan.Gampass.F can be blocked and deleted. In the image below, you can see how an auto-protect module has reacted on this threat.
How to Remove Trojan.Gampass.F
1. Temporarily Disable System Restore (Windows Me/XP). [how to]
2. Open your antivirus application and update the virus definition file. This method ensures that your antivirus program can detect even newer variants of Trojan.Gampass.F
3. Start Windows in Safe Mode with Networking.
- From a power-off state, turn on the computer and press F8 on your keyboard repeatedly.
- Your computer will display Windows Advanced Boot Options menu. Please select Safe Mode with Networking.
- The system will now boot Windows and loads only necessary drivers and files.
4. Open your antivirus program and run a full system scan. After the scan, delete all infected items. If unable, better place them in quarantine. Once the scan is complete, please proceed with the next step.
Online Virus Scanner:
Another way to remove Trojan.Gampass.F without the need to install additional antivirus application is to perform a thorough scan with free online virus scanner that can be found here or on websites of legitimate anti-virus and security provider.
5. Go to Online Virus Scanner list and run a virus scan. This may require plug-ins, add-on or Activex object, please install if you want to proceed with scan.
6. After completing the necessary download, your system is now ready for online virus scanning.
7. Select an option in which you can thoroughly scan the computer to make sure that it will find and delete entirely all infections not detected on previous scan.
8. Remove or delete all detected items.
9. When scanning is finished you may now restart the computer in normal mode.
Alternative Removal Method for Trojan.Gampass.F
Option 1 : Use Windows System Restore to return Windows to previous state
If Trojan.Gampass.F enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before Trojan.Gampass.F infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.
Option 2 : Trojan.Gampass.F manual uninstall guide
IMPORTANT! Manual removal of Trojan.Gampass.F requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.
1. Kill any running process that belongs to Trojan.Gampass.F.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for Trojan.Gampass.F files (refer to Technical Reference) and click End Process.
2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section below.
- Close registry editor. Changes made will be save automatically.
3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
4. Delete all files dropped by Trojan.Gampass.F.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.