Worm:Win32/Gamarue

Status
Not open for further replies.

44surf

Distinguished
Jan 19, 2011
35
0
18,580
0
Microsoft Security Security essentials indicated that my desktop was infected with worm:win32/gamarue.B. It said it was removed, but the task manager showed it as running. I ended the task and I am running a full system virus scan. It seems that the worm first infected the computer on 12/5. The history says allowed then removed. It seems to be running at start up. I shut down the computer every night. Any suggestions? I am posting from my laptop which is not infected...at least so far. Thanks in advance for your help. The full scan said it found no threats.
 

44surf

Distinguished
Jan 19, 2011
35
0
18,580
0
Thanks guys.

@ Hawkeye~MSE said it removed it...but it still showed that it was running when I checked the task bar.

I ran a full scan and it said no threats found. It seems to loading itself when I boot up the computer.

@malmental~How do I isolate it in safe mode?

 

verbalizer

Distinguished
May 28, 2010
320
0
19,060
28
write down on a piece of paper or something the actual virus name in full from the task manager, write down the entire executable
path and all info.
then in safe mode search for it and then kill it.
 

44surf

Distinguished
Jan 19, 2011
35
0
18,580
0
Hello all.

51~I ran that earlier today and it said my system was clean.

I also ran malwarebytes in regular mode and it is currently running in safe mode. So far nothing has been detected.

I was following Aford's step by step process since it all written out for me and easy to follow. Should I download the spybot program and registry cleaner in the safe mode also?

I guess I should also change all my passwords for different accounts etc.?
 

44surf

Distinguished
Jan 19, 2011
35
0
18,580
0
I did not run that yet. I need to download it on this computer...not the infected one. Make a copy etc. I am thinking I need to go change my bank passwords before I do anything else.
 

aford10

Distinguished


Quality scanners won't always catch everything. That's why you should always use a few different scanners to verify an infection or clean system. Just make sure to be in safe mode with networking, so you can update the virus definitions before you scan.
 
Status
Not open for further replies.

ASK THE COMMUNITY