Wednesday, November 12, 2008

Gema Trojan

Removing Gema
Categories: Trojan,Downloader
This loose category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Trojan downloaders download and install new malware or adware on the computer.


Gema is also known as:

[Panda] Trojan Horse, Trj/Datei.A
[Computer Associates] Win32.Gema.B, Win32/Gema.A!Trojan, Win32.Gema.D, Win32/Gema.14336!Trojan

Visible Symptoms:
Files in system folders:
[%DESKTOP%]\Click Here.url
[%SYSTEM%]\cdcompat.exe
[%SYSTEM%]\cpusave32.exe
[%SYSTEM%]\DLuxjp-uninstall.exe
[%SYSTEM%]\mdmdll.exe
[%SYSTEM%]\nvidex32.exe
[%SYSTEM%]\syscenter.exe

How to detect Gema:

Files:
[%DESKTOP%]\Click Here.url
[%SYSTEM%]\cdcompat.exe
[%SYSTEM%]\cpusave32.exe
[%SYSTEM%]\DLuxjp-uninstall.exe
[%SYSTEM%]\mdmdll.exe
[%SYSTEM%]\nvidex32.exe
[%SYSTEM%]\syscenter.exe

Folders:
[%PROGRAM_FILES%]\dialers
[%PROGRAM_FILES%]\siteicons

Registry Keys:
HKEY_CURRENT_USER\software\siteicons
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\dluxjp

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\netscape\netscape navigator\user trusted external applications
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
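
The indicators listed above can be checked on a host with a short script. The following PowerShell is an added example, not part of the original post or of any vendor tool; it flags any Run value whose data mentions one of the listed executables, because the page does not give the Run value names. It assumes the page's [%DESKTOP%], [%SYSTEM%] and [%PROGRAM_FILES%] placeholders map to the current user's desktop, the Windows system directory and the Program Files directory.

```powershell
# Added example: look for the Gema indicators listed on this page.
# Assumption: placeholder-to-folder mapping below (current user, native system dir).
$roots = @{
    '[%DESKTOP%]'       = [Environment]::GetFolderPath('Desktop')
    '[%SYSTEM%]'        = [Environment]::GetFolderPath('System')
    '[%PROGRAM_FILES%]' = [Environment]::GetFolderPath('ProgramFiles')
}
# Files and folders exactly as listed on the page.
$paths = @(
    '[%DESKTOP%]\Click Here.url'
    '[%SYSTEM%]\cdcompat.exe'
    '[%SYSTEM%]\cpusave32.exe'
    '[%SYSTEM%]\DLuxjp-uninstall.exe'
    '[%SYSTEM%]\mdmdll.exe'
    '[%SYSTEM%]\nvidex32.exe'
    '[%SYSTEM%]\syscenter.exe'
    '[%PROGRAM_FILES%]\dialers'
    '[%PROGRAM_FILES%]\siteicons'
)
$regKeys = @(
    'HKCU:\software\siteicons'
    'HKLM:\software\microsoft\windows\currentversion\uninstall\dluxjp'
)
$runKeys = @(
    'HKCU:\software\microsoft\windows\currentversion\run'
    'HKLM:\software\microsoft\windows\currentversion\run'
)
$hits = @()
foreach ($p in $paths) {
    # Swap the leading placeholder for the real folder on this host.
    $token = $p.Substring(0, $p.IndexOf(']') + 1)
    $full  = $p.Replace($token, $roots[$token])
    if (Test-Path -LiteralPath $full) { $hits += "Path: $full" }
}
foreach ($k in $regKeys) {
    if (Test-Path -LiteralPath $k) { $hits += "Registry key: $k" }
}
# Match Run value data against the listed executable names.
$exeNames = $paths | Where-Object { $_ -like '*.exe' } | ForEach-Object { $_.Split('\')[-1] }
foreach ($k in $runKeys) {
    $key = Get-Item -LiteralPath $k -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    foreach ($name in $key.GetValueNames()) {
        $data = [string]$key.GetValue($name)
        if ($exeNames | Where-Object { $data -like "*$_*" }) {
            $hits += "Run value: $k\$name = $data"
        }
    }
}
if ($hits) { $hits } else { 'No Gema indicators from this page were found.' }
```

A match on a file name alone is not proof of infection, since names such as these can be reused by unrelated software; confirm any hit with an antivirus scan before deleting anything.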

Removing Gema:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
