- Audio & Multimedia
- Business
- Communications
- Desktop
- Development
- Education
- Games
- Graphics
- Home & Hobby
- Network & Internet
- Screen Savers
- Security & Privacy
- Servers
- System Utilities
- Web Development
- DeskConnect
- Data Undelete Software...
- TrustVare OST to MBOX...
- MSSQL to MySQL database...
- Mac Memory Card Restore
- ClickCharts FlowCharts Free...
- ActivTrak for MacOS
- File Recovery Utility
- JobCard 2
- Windows Files Salvage Utility
- DailySoft MBOX to MSG...
- Windows FAT Recovery Program
- iPod Shuffle Repair Software
- FixVare TGZ to HTML Converter
- Data Recovery Software
- ADRC Data Recovery Tools
- avast! Antivirus
- Revo Uninstaller
- Java Runtime Environment
- AVG Anti-Virus Free Edition
- GOM Media Player
- RegSeeker
- IrfanView
- CPU-Z
- Malwarebytes Anti-Malware
- Spybot Search & Destroy
- Skype
- µTorrent
-
2Printer 5.5
Enables you to print any type documents or files in bath mode one after another specifying the paper size and without any...
-
Vivaldi for MacOS 6.6
No ad browser and uses minimum memory, takes very less time to load, some unique features added like notes containing...
-
Win PDF Editor 3.6.3
Editing PDF documents was like nightmare for me but when I am suggested by one of colleagues I tried this and found that...
-
Serial to Ethernet Connector 9.0
It can successfully turn your computer to a terminal server so that any device connected to the com port will be...
-
ShutUp10 1.4.1388
This software will let you take the full control over your windows 10 and decide which program to start automatically or...
-
TeraCopy 3.26
Copies files seamlessly from source to target location, also detects errors while transferring and rectifies it.
-
Ulysses for Windows 2.7.11
Writing application with most of useful features that a standard word processor may offer like markdown, emerging to...
-
InjuredPixels 4.0
It will repair the damaged pixels of the display unit so that it can still be usable for some more days instead of buying...
-
DrvInfo 1.2.0.2016.0
The software will show you the details of a drive as soon as it is inserted into the port whether it is a floppy, flash...
-
Unreal Commander 3.57
Can see the files in windows. You may copy, cut and paste right from there or upload to server directly.
Security & Privacy / Anti-Virus Tools / Ganda Removal Tool 1.0
Ganda Removal Tool 1.0
Advertisement
Advertisement
Ganda Removal Tool 1.0 Description
Ganda Removal Tool is a small but effective application that targets the Win32.Ganda.A@mm malware. Once run, it creates two copies of itself in Windows folder: SCANDISK.EXE and another randomly named file (ex: "xjvhtbxt.EXE").
Ganda Removal Tool is a small but effective application that targets the Win32.Ganda.A@mm malware. Once run, it creates two copies of itself in Windows folder: SCANDISK.EXE and another randomly named file (ex: "xjvhtbxt.EXE").
Creates a mutex "SWEDENSUX" in order to allow only one copy of itself in memory.
It attempts to shut down processes with names as "virus","firewall","f-secure","symantec","mcafee","pc-cillin","trend micro","kaspersky","sophos","norton".
It infects executable files by searching for *.exe, *.scr and *.lnk files in %windir%DESKTOP and %windir%START MENU If a .lnk file is found, it retrieves the executable path and name contained within the .lnk file, then opens the file (if it founds a .exe or a .scr file, it opens them directly) and adds a stub to the end of the executable file, then hijacks one of the functions ExitProcess, GetProcAddress, GetModuleHandleA, LoadLibraryA to point to the stub. The stub loads and executes the file with random name in Windows folder (ex: "xjvhtbxt.EXE").
It creates registry key
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindows CurrentVersionRun"ScanDisk"="C:WINDOWSSCANDISK.exe"]
It looks in [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun] and
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunServices] and attempts to modify the files pointed by the keys, and render them unusable.
It harvests e-mails searching for files matching "*.eml","*.htm*","*.dbx" and Windows Address Book. It also contains some hardcoded e-mails.
OS: Windows 7, WinXP, Windows Vista
Tags: Ganda Antivirus - Ganda Remover - Ganda Cleaner - Ganda - Antivirus - Remover
User Reviews of Ganda Removal Tool
-
BitDefender TrafficLight for The TrafficLight extensions work with any operating system, but are somewhat restricted in functionality and (of course) choice of browser... Download
-
BitDefender TrafficLight for The TrafficLight extensions work with any operating system, but are somewhat restricted in functionality and (of course) choice of browser... Download
-
BitDefender TrafficLight for The TrafficLight extensions work with any operating system, but are somewhat restricted in functionality and (of course) choice of browser... Download
-
BitDefender QuickScan for Firefox BitDefender QuickScan is an online tool which uses .in-the-cloud. scanning to detect malware running on a PC very fast, usually in less than 60 seconds. Because it's fast!.. Download
-
BitDefender QuickScan for Chrome BitDefender QuickScan is an online tool which uses .in-the-cloud. scanning to detect malware running on a PC very fast, usually in less than 60 seconds. Because it's fast!.. Download
-
Valhalla Removal Tool 1.0 Valhalla Removal Tool is a lightweight application that was created in order to provide you with a simple means of cleaning the Win32.Valhalla.2048 virus from your PC... Download
-
Jeefo Removal Tool 1.0 Jeefo Removal Tool is a lightweight utility that can help you clean the Win32.Jeefo.A malware from your system. This executable file infector is written in MinGW and presents a very interesting (and difficult to disinfect) infection technique... Download
-
LovGate Removal Tool 1.0 LovGate Removal Tool is a handy application that was created in order to provide you with a means of fighting off Win32.LovGate malware in all its variants and modifications... Download
-
Lirva Removal Tool 1.0 Lirva Removal Tool is a great helper that was designed to deal with the Win32.Lirva.B@mm worm. This is a modified version of Win32.Lirva.A@mm internet worm... Download
-
Frethem Removal Tool 1.0 Frethem Removal Tool is a useful application that can help you erase the Win32.Frethem.F@mm virus. This is an Internet worm which spreads through e-mail as an attached file. It is written in Visual C and packed with UPX and PePack... Download