Home Malware Programs Trojans Trojan-PSW.Gampass

Trojan-PSW.Gampass

Posted: February 10, 2011

Threat Metric

Threat Level: 9/10
Infected PCs: 445
First Seen: July 24, 2009
Last Seen: February 18, 2023
OS(es) Affected: Windows

Trojan-PSW.Gampass is a spyware infection with possible Trojan properties, allowing Trojan-PSW.Gampass to place more malware on your computer. Trojan-PSW.Gampass will usually infect computers discreetly to avoid security measures, and then quietly steal all valuable information present on your computer. This may include account passwords, banking information, credit card numbers, or other personal details. Trojan-PSW.Gampass was identified as a threat late 2010, and anti-malware software with definition databases earlier than that may be unable to catch Trojan-PSW.Gampass. Delete Trojan-PSW.Gampass with all due haste if you value your privacy or system security!

Dodging Trojan-PSW.Gampass

Trojan-PSW.Gampass may infect an .exe file and install itself automatically once this file is run. The infected file may present itself as being of another format type, or may even be an otherwise legitimate file that was infected through P2P traffic. Unsafe website scripts can also provoke the download of Trojan-PSW.Gampass. Finally, other kinds of Trojans can download and install infections such as Trojan-PSW.Gampass on vulnerable computers without requiring authorization or notifying the user of the process. Most of these events can be prevented if one uses a firewall, keeps anti-virus software up to date, and avoids visiting illicit websites. Since the vast number of Trojan-PSW.Gampass infections have been in China, avoiding contact with online sources from that region is likely to reduce your infection chance to almost nothing.

Why You'll Want to Make Trojan-PSW.Gampass Just a Bad Memory

There are many minor variants to the Trojan-PSW.Gampass which are detected by slightly different names and primarily occur in different regions, but they all function in a similar manner. Trojan-PSW.Gampass serves as a triple threat to your computer by attacking in three distinct and serious ways. Trojan-PSW.Gampass most well-known aggressive behavior is keylogging or the recording of keyboard strokes. Keylogging allows Trojan-PSW.Gampass to steal your passwords and other sensitive information, which will be sent to the criminal to use as he or she pleases.

Along with the keylogging, Trojan-PSW.Gampass also requires access to the outside source to have a destination for this information. Trojan-PSW.Gampass enables this by creating a backdoor in your security. This will make it directly vulnerable to attack by this same anonymous entity, and may also result in less targeted attacks by others probing for inadequately protected systems. Such attacks can take control over your computer, steal or alter files, or simply add more malware to the load you're already struggling against.

Trojan-PSW.Gampass's third attack method is to directly download malware onto your computer itself. This makes immediate removal of Trojan-PSW.Gampass important, before other malware disables functions or programs you'll need to clean house. The more you try to eliminate Trojan-PSW.Gampass, the harder it will be to get Trojan-PSW.Gampass removed, so be calm but expedient.

Trojan-PSW.Gampass

Aliases

Packer.PESpin [Ikarus]Mal/Packer [Sophos]TR/Agent.3710976 [AntiVir]Gen:Packer.PESpin.A.I7W@aynDsUrO [BitDefender]Trojan.Backdoor-11 [ClamAV]Win32.TRAgent [eSafe]probably a variant of Win32/Spy.Agent.IJPQFES [NOD32]Riskware [K7AntiVirus]Generic.dx!f [McAfee]Trj/Lineage.BZE [Panda]W32/Agent.LTXBUDK!tr [Fortinet]Win32.SuspectCrc [Ikarus]Mal/KeyGen-M [Sophos]Trojan.Packed.593 [DrWeb]UnclassifiedMalware [Comodo]
More aliases (197)

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%WINDIR%\system32\itlpfw32.dll File name: itlpfw32.dll
Size: 215.55 KB (215552 bytes)
MD5: 4ed60abfeed35a673b90d651818250f0
Detection count: 199
File type: Dynamic link library
Mime Type: unknown/dll
Path: %WINDIR%\system32
Group: Malware file
Last Updated: April 18, 2011
%WINDIR%\system32\AdminLp.dll File name: AdminLp.dll
Size: 61.44 KB (61440 bytes)
MD5: 249e70aab278802186302b31f28d0e05
Detection count: 71
File type: Dynamic link library
Mime Type: unknown/dll
Path: %WINDIR%\system32
Group: Malware file
Last Updated: January 9, 2011
1369347988.dll File name: 1369347988.dll
Size: 139.26 KB (139264 bytes)
MD5: f9053595b96cb98255730e5854d9e4fe
Detection count: 40
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
C:\Hiren's.BootCD.15.2\XP\XP\I386\System32\keybtray.exe File name: keybtray.exe
Size: 10.06 KB (10064 bytes)
MD5: b030222345d91c7aa73867bcb5b7a380
Detection count: 33
File type: Executable File
Mime Type: unknown/exe
Path: C:\Hiren's.BootCD.15.2\XP\XP\I386\System32\keybtray.exe
Group: Malware file
Last Updated: December 29, 2022
C:\new Antec\EAZEL\02-Audio (EAZEL)\11-Streaming\20-iRadioNet\42486-42487-iradionet.exe File name: 42486-42487-iradionet.exe
Size: 485.9 KB (485908 bytes)
MD5: 37e6e1a278659302f311dd9015cce387
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: C:\new Antec\EAZEL\02-Audio (EAZEL)\11-Streaming\20-iRadioNet\42486-42487-iradionet.exe
Group: Malware file
Last Updated: June 23, 2022
%WINDIR%\system32\ctfmon.exe File name: ctfmon.exe
Size: 30.2 KB (30208 bytes)
MD5: 7fe831e595f75caade9bc91fbabf10a1
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: March 9, 2020
%PROGRAMFILES%\Internet\Newsleecher\newsleecher.exe File name: newsleecher.exe
Size: 3.71 MB (3710976 bytes)
MD5: fc6ca6278e89916b7aa8edefbfe0864c
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\Internet\Newsleecher
Group: Malware file
Last Updated: April 30, 2020
cj.v4.dll File name: cj.v4.dll
Size: 17.4 KB (17408 bytes)
MD5: be229d6cb0613be8a337b7e48273f9c0
Detection count: 0
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: December 11, 2009
Loading...