Home / Spyware Encyclopedia / GameThief.Ganhame << Back

Recommendation to Automatically remove GameThief.Ganhame


Our products can remove GameThief.Ganhame and thousands of other Virus and Spyware automatically and instantly.

GameThief.Ganhame Details


  • Category GameThief
  • Discovered 8/5/2009 3:29:59 PM
  • Modified 8/3/2023 5:31:13 PM
  • Threat Level Critical
  • Category Description
    A threat that attempts to steal vital information from the user with regards to online gaming activity and is capable of connecting to a remote site to download possible updates of its application.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
toolbar.exe 1788696MEGAUPLOAD3.0.0.19  
draw32.dll 32736  e792185177bf2e2b7053703c2ccff9da 
37e70ed4.exe 57344  7a0c8e3898d00462ff734ad5ff8fed52 
coove.exe 101376  74e40543173f81627388d2f49610104e 
Trojan-Dropper.Win32.Agent.ami.exe 33992  1c3e3cb16f7aeefc2be46a456923606b 
Trojan-Dropper.Win32.Agent.anq.exe 15978  04c2f01303ae93394f720a86c9c78606 
reger.exe 30991    
toolbar.exe 1513    
76079733.exe 57344  8c5fabb9df8d3f178a94d1260decf2a103/08/2023
msTasks.dll 22528  f62a39c77aa4ebc4fc9769d078feaa9126/02/2021

The following Registry Entries were created:
..\Software\Microsoft\Windows\CurrentVersion\Run\\"System"\"%WIN.SYS32%\kernels8.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"System"\"%WIN%\svchost.exe"
..\System\CurrentControlSet\Control\\"Impersonate"\"[20423038304084607660]"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"yul"\"%WIN%\coove.exe"
..\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\"draw32"\"{38AD34BF-113A-420B-910B-7673ED571DBD}"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"ws_ds"\"%WIN%\sws32.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"ie_brow"\""%WIN%\ie_32.exe""
..\Software\Microsoft\Windows\CurrentVersion\RunServices\\"ws_ds"\"%WIN%\sws32.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"sysTasks"\"%WIN.SYS32%\msTasks.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"svcroot"\"%WIN.SYS32%\xffanl.exe"

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.