How to remove Gphone.exe
Wednesday, January 7th, 2009 at 2:59 amHome » Backdoor, Worm » Gphone.exe
Gphone.exe description
Gphone.exe is worm which spreads via instant messengers. It usually affects Yahoo! Messenger and Google Talk applications. Gphone.exe send a message and invites victims to visit a website. If clicked upon, the link actually delivers a copy of Gphone.exe infection. The worm delivers the following message:
“There is in the worst of fortune the best of chances for a happy change
There is only one way to happiness and that is to cease worrying about things which are beyond the power of our will
The wisest mind has something yet to learn
The wise man in the storm prays God, not for safety from danger, but for deliverance from fear
Happiness is a choice that requires effort at times
Action may not always bring happiness; but there is no happiness without action
Happiness is not a destination. It is a method of life
The best way to cheer yourself up is to try to cheer somebody else up
If you want truly to understand something, try to change it
I am a strong believer in luck and I find the harder I work the more I have of it
View my webcam (private) [LINK]”
Once it’s on board a computer, Gphone.exe blocks security tools. This enables Gphone.exe to download and install other malwares.
Get rid of Gphone.exe
How to manually remove Gphone.exe
To remove Gphone.exe spyware you must block Gphone.exe sites, stop and remove processes, unregister DLL files, search and delete all other Gphone.exe files and registry utility. Follow the Gphone.exe detection and removal instructions below.
The most typical software removal method is to remove Gphone.exe by using "Add or Remove Programs" service. However there may be hidden Gphone.exe files, running processes and registries in your computer, so Gphone.exe may recreate all other files after reboot.
Gphone.exe manual removal instructions
Block Gphone.exe sites:
rnd009.googlepages.com
Read more how to block Gphone.exe sites
Stop and remove Gphone.exe processes:
DEFAULT_NOT_SET.exe
New Folder.exe
gphone.exe
Read more how to kill Gphone.exe processes
Locate and delete Gphone.exe registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\WorkgroupCrawler\Shares\"shared" = "[ROOT FOLDER]\New Folder.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"Yahoo Messengger" = "%System%\gphone.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Shell" = "Explorer.exe gphone.exe"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Schedule\”AtTaskMaxHours” = "0"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Schedule\"NextAtJobId" = "2"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\"DisableTaskMgr" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\"DisableRegistryTools" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NofolderOptions" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\"Default_Page_URL" = "http://rnd009.googlepages.com/google.html"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\"Default_Search_URL" = "http://rnd009.googlepages.com/google.html"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\"Search Page" = "http://rnd009.googlepages.com/google.html"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\"Start Page" = "http://rnd009.googlepages.com/google.html"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Start Page" = "http://rnd009.googlepages.com/google.html"
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\"HomePage" = "1"
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\"HomePage" = "1"
Read more how to delete Gphone.exe registry entries
Download RegistryBooster 2010 to scan errors caused by Gphone.exe
Detect and delete other Gphone.exe files:
%Windir%\gphone.exe
%System%\gphone.exe
%System%\DEFAULT_NOT_SET.exe
C:\Documents and Settings\All Users\Desktop\gphone.exe
%Temp%\gphone.exe
%System%\gphone.exe
%DriveLetter%\New Folder.exe
%DriveLetter%\gphone.exe
[ROOT FOLDER]\New Folder.exe
[ROOT FOLDER]\gphone.exe
%DriveLetter%\autorun.inf
%Windir%\Tasks\At1.job
[ROOT FOLDER]\autorun.inf
C:\disk.txt
%System%\autorun.ini
%System%\setting.ini
%Temp%\log_[TIME AND DATE].txt
We strongly recommend you to use spyware remover to track Gphone.exe and automaticaly remove Gphone.exe processes, registries and files as well as other spyware threats.
Gphone.exe
Leave a Reply
Subscribe
Search
Categories
- Adware
- Backdoor
- Browser Helper Object
- Browser Hijacker
- Fake warning messages
- Keylogger
- Malicious domains
- Remote Administration Tool (RAT)
- Rogue Antispyware
- Tracking Cookie
- Trojan
- Worm
Latest spyware threats
- Malware Destructor 2011
- PriceGong
- SearchandClick
- MegaVaccine
- Windows Defence
- SP Center
- Defence Center
- White Shark Virus
- AV Defender 2011 Platinum
- Win7 AV
- AV Security Suite Platinum
- SpyDefender 2010
- My Security Suite
- VideoCop
- AWM Antivirus
Recently commented
- AV Security Suite Platinum
- AntiSpy Safeguard
- Pest Detector 4.1
- My Security Shield
- Red Cross Antivirus
- Antimalware Doctor
- Anti-Virus Professional
- Earth AV
- VideoCop
- AV Security Suite
- The Shield Deluxe 2010
Malicious domains
- Antivirsword.com
- Webantispy.com
- Antivirmore.com
- Antivirglass.com
- Oksave9.co.cc
- Smartsecadv.com
- AV-look.com
- Profantivir.com
- Customwebblacklist.com
- Av-look.net
Fake warning messages
- Fake Microsoft Security Essentials Alert
- Video ActiveX Object Error
- Fake Adobe Flash Player install
- AV Security Suite – Attention! Spyware Alert
- AV Security Suite – Antivirus Software alert
- AV Security Suite – Windows Security alert
- AV Security Suite Spyware Alert – Application is infected
- AV Security Suite – This website has been reported as unsafe
- Application cannot be executed pop-up
- Lsas.Trojan-Spy.DOS.Keycopy
Tutorials
- Contact Us
- How to block malicious websites using HOSTS file?
- How to delete registry entries?
- How to download and install Spyware Doctor
- How to kill malicious processes?
- How to recognize a rogue security program?
- How to recognize a rogue website?
- How to unregister DLL files?
- Signs of browser hijacker infection
Archive
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
Tags
Security News- Remove Malware Destructor 2011, Malware Destructor 2011 removal
- Clever spammer found a flaw in Facebook to spread unwanted messages to walls
- Remove Windows Defence, Windows Defence removal
- Remove SP Center, SP Center removal
- Remove Defence Center, Defence Center removal tutorial
- Remove MegaVaccine, MegaVaccine removal
- Remove White Shark Virus, White Shark Virus removal
January 22nd, 2009 at 9:48 am
Hey where to execute the code u have kept the quotes
can u make it clear how to get rid of it, i am suffering a lot bec of it
Reply
Luciana Reply:
January 23rd, 2009 at 6:03 am
Hello GA2,
You don’t need to execute any code. If you’re looking for anti-spyware application, download the gphone.exe removal tool. If you wanna remove this infection manually, follow the manual removal instructions provided above. Block Gphone.exe site using this tutorial; stop and remove Gphone.exe processes using ‘how to kill processes’ tutorial, locate and delete Gphone.exe registry entries using this tutorial and finally delete other Gphone.exe files listed above.
Reply
January 23rd, 2009 at 11:49 pm
my humble thanks to the people who dsign this,i remove this virus processes,registry entries succesfully, once again thanks for providing good soltuions ,keep provide much more soltuions ,thanq, if any one want any infoamtion
please mail me
Reply
February 15th, 2009 at 2:08 am
Hey this gphone virus has disabled my taskmanager as well as registry editor..now i cant stop its processes manually..tell me what should i do
Reply
Luciana Reply:
February 17th, 2009 at 2:08 am
Start your computer in a safe mode. Most of malicious processes are inactive in the safe mode so you should be able to deal with the Gphone.exe.
Reply
jackkk Reply:
June 17th, 2009 at 6:52 am
I started my computer in the safe mode but it did not help.This can be rectified by:
Open the ‘run’ and type
“REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f”
in the blank space , then press OK.
The task mansger can then be accessed in the normal matter(likr ctrl+alt +del)
Reply
April 25th, 2009 at 10:50 am
Hey whenever i am trying to open any of my desktop icons or other programs my system prompts the following message
“windows can notaccess the specified device, path or file. You may not have the appro
priate permission to access the item.”
My PC infected by gphone.exe pls help to get rid of it.
Reply
Luciana Reply:
April 26th, 2009 at 10:06 pm
Hello,
Please follow the removal instructions provided above. The error message you receive might be unrelated to the Gphone.exe infection.
Reply
May 1st, 2009 at 12:06 am
i used ESET NOD32 anti virus and it deleted the gphone.exe.
but my problem now is that whenever i start windows, there is a window which says:
cannot find gphone.exe, if u need to look for this application, use search button
it goes something like that. its really bothering me alot and it slows down the start up..
please help me
Reply
bryan Reply:
May 1st, 2009 at 1:52 am
Richard,
now you have to delete gphone.exe from your startup files list: start -> run -> msconfig -> go to startup and uncheck gphone. This should help you.
Reply
michael Reply:
August 15th, 2010 at 6:03 am
please help i do have the same problem.. i have already deleted the gphone.exe but i can’t found it in startup
Reply
July 16th, 2009 at 4:51 pm
Sir, I have this problem since 2 months. I recognise it after using AVG Anti virus free version programme. All my folders have new folder.exe. And in start up there is a run time error “53″:file not found:sysproc.dil. And now windows script Host-Loading scriot “C:\windows\system32\neo.vbe” failed (Acess is denied). After that I downloaded the windows steady state to protect my system. But this virus can’t go away. How can I remove it. I am not aware of knowledge in computers to do it manually. Is there any solution in Online. Please give me reply in a short span of time.
Reply
Luciana Reply:
July 16th, 2009 at 10:35 pm
Run anti-spyware scan. AVG is anti-virus and it’s designed to deal with different type of infections.
Reply
August 9th, 2009 at 3:38 am
Hey my internet is not very fast thats why i cant download your spyware. I am using vista ultimate. So Manual file deletion is not proper. Can u send ideal solution to get rid of gphone.exe
Reply
Luciana Reply:
August 11th, 2009 at 10:36 pm
Download the anti-spyware on another computer and then copy the install file on the infected PC using USB drive or CD or something like that. The manual removal is more effective in a safe mode because malware may prevent removal in a normal mode.
Reply
September 24th, 2009 at 2:11 am
how to remove this gphone.exe.because lot of files in my pc.and lot of gphone vyrus is in my pc.how to detect manual.this is long process.any one help me .and tell me shortcut method plz….
regards.
mukhesh matety
warangal
andhrapradesh
Reply
October 24th, 2009 at 8:14 am
i had the same problem…i have win xp and was using avg free version…
…from one of the forums i learnt that kaspersky would help…so i uninstalled avg
free and downloaded kaspersky 2010 trial version and installed it…then updated the virus defination and ran the whole computer scan …it killed the gphone virus along with all the folders that it had created…for other gphone related i carried out the following action…
1. CTRL+ALT+DEL disabled by virus…
solution. a. go to RUN…
b. Type (without the quotes “” ofcourse)
” REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f ”
c. press OK
2. C and D drive only opens by explore and not double clicking.
solution. a. go to cmd prompt ( in accessories) and run the following commands.
c:\> attrib -r -s -h autorun.inf
c:\> del autorun.inf
d:\> attrib -r -s -h autorun.inf
d:\> del autorun.inf
b. restart computer
3. “regedit” command disabled by the virus
solution. a. go to RUN
b. type
” reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /f ”
c. press ok
4. folder option not available in tools..
solution. a. Go to Run, type gpedit.msc then press enter.
b. Navigate to User Configuration -> Administrative Templates -> Windows Components -> Windows Explorer.
c. At the right panel, look for “Removes the Folder Options menu
item from the Tools menu”, right click on it then choose Properties.
d. Change the setting from Enabled to Not Configured or Disabled.
this worked for me…i hope it works for you…
Reply
October 24th, 2009 at 11:10 am
Actually the registry editor is also blocked via this virus so i cannot acces my registry editor without that i cant manually remove the gphone.exe
so kindly giv me another solution if possible
Do you have the path in the registry editor to stop the autorun of any removable storage disk..
kindly respond to my query
thanks…
Reply
December 11th, 2009 at 6:17 am
Hello,
My computer was affected by gphone.exe. I’ve removed the virus but different kind of language was displayed on on my clock bar. Does any one have idea about how to solve it.
Reply
June 29th, 2010 at 8:36 pm
hellow my computer was affected by gphone.exe and i cannot open my games what should i do?
pls reply
Reply