Few days back I have to deal with a Computer which almost have a folder in a folder, and continuously trying to open Gtalk or Yahoo Messenger. With every page I open it divert automatically to another page. After several R&Ds and looking after the processes in the background, though with the online help; finally it came to me all this mess was just because of a virus called gphone.exe.
Further information I gathered about this virus ; actually it is only a 260 Kb virus which sits with in a folder creating a new folder with an exe extension, if you by mistake click over it then no one can stop it until it totally infects your pc as new processes will be added to the processes list in the task manager. Eventually it will slow down the computer. Names : gphone (a.k.a) imaut.e (a.k.a) sohanad.t
More Technical details:
Type : IM Worm
Will be shown as : Worm/Autoit.VQV
Detected on : Around December, 2008
Attacks on : Windows XP and Vista
Nuisance level : High Method of attack : Through IM clients such as (Gtalk and YahooMessenger) and pen drives Prevention
Precautions you should consider to prevent such virus attacks
1. Do NOT click on any unauthorized link which you get from your contacts in gtalk or Yahoo Messenger
2. Do NOT double click on duplicate folders.They are not actually the folders.They are the exe files. (A folder with the same name as the parent folder, for example a folder called ‘songs.exe’ inside the ‘songs’ folder) in a pen drive as they are disguised virus files. You can easily spot they difference as their size will be around 260KB or 360 kb.
3. Install a spyware detector like Spyware Doctor to regularly scan for malware.
4. Install Tune Up Utilities to check and fix your registry from serious errors. CURE If you are effected with this stupid Gphone virus, dont worry, follow these steps.
Though there is not any step or trick finally I have followed so neither you have to only you need to download the latest version of AVG antivirus ( A free also works perfect – as i have tried the free version only). Once downloaded the AVG disconnect it from Internet and scan your pc…. if everything goes well your system will be perfectly cured.
You may get these types virus variants while scanning so don’t panic
Worm/Autoit.VQ
Worm/Generic.EDT
Worm/Generic_c.ZS
Win32/Heur
Adware Generic.COE