Trojan.Gampass.F is a computer infection that steals confidential information once it enters the system. This Trojan also downloads and executes additional malicious file it collects from a remote server.
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Windows Vista
Once Trojan.Gampass.F hits the computer, it will drop a copy of itself under Windows System folder. Next, it will configure itself to run on Windows start-up by adding a registry at Winlogon. Apart from that, the virus may also delete and modify various registry subkeys that are very essential for its operation in endangering the PC further.
Another method to initiate the Trojan is to embed malicious code into the following legitimate and common processes:
The Trojan also target to disable one particular security product. It will disable antivirus programs made by AhnLab.
As Trojan.Gampass.F reaches final objective, it will monitor web sites related to online games and steal user name and password from an infected computer. Lastly, it sends all gathered information to a predefined domain specifically created for the purpose storing stolen information.
Trojan.Gampass.F typically arrives on the computer through another virus infection. Malicious web sites, illegal software downloads and unsecured file-sharing networks are among the second distribution channel for this Trojan.
If an antivirus program protects your computer, there is a chance that Trojan.Gampass.F can be blocked and deleted. In the image below, you can see how an auto-protect module has reacted on this threat.