How to remove “PWS:Win32/Gamania!D”?

PWS:Win32/Gamania!D is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the PWS:Win32/Gamania!D virus do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics

How to detect PWS:Win32/Gamania!D?


File Info:

crc32: E06015F5
md5: 07019bc1b3609704bcca5d850dedc296
name: 07019BC1B3609704BCCA5D850DEDC296.mlw
sha1: b3ff8c8d1a4014bbacb0d78a4a3c86e211f9a49f
sha256: a91db2a0dcd1f6c44bbd2b10eae9566529f0f5a255b946bdc6a276d8f011d3cd
sha512: a64b6840cc073a5d5d88c2969caea3efc3fab589832c996cbca4d54dd9f4c05c9a2172648e3ee48fd2152209edb20bdd7e6d62208b0f61f4700e7ad006722a00
ssdeep: 1536:DyhE2BRzB8jK8EeQd5bKfydQOzRBaxzP+7NyZak8gCKD4xn:DjG5B8jfEeC5eyeqaxLiNQt85
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

0: [No Data]

PWS:Win32/Gamania!D also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.PWStealer.4.FECCF215
FireEye: Generic.mg.07019bc1b3609704
Qihoo-360: Win32/TrojanSpy.QQLogger.HwsBNscA
McAfee: Artemis!07019BC1B360
Cylance: Unsafe
VIPRE: Trojan-PSW.Win32.Nilage.o (fs)
AegisLab: Hacktool.Win32.Black.lAAL
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 7000000f1 )
BitDefender: Generic.PWStealer.4.FECCF215
K7GW: Trojan ( 7000000f1 )
Cybereason: malicious.1b3609
BitDefenderTheta: AI:Packer.8B53CFFD1A
Cyren: W32/PWS.EAYT-1251
Symantec: Trojan.PWS.QQPass.G
ESET-NOD32: Win32/PSW.QQPass.NAM
APEX: Malicious
Avast: Win32:Evo-gen [Susp]
ClamAV: Win.Trojan.Ag-1
Kaspersky: Trojan-PSW.Win32.QQPass.jl
Alibaba: TrojanPSW:Win32/QQPass.c70d0835
NANO-Antivirus: Trojan.Win32.QQPass.fobclj
ViRobot: Trojan.Win32.A.PSW-QQPass.73216.B[UPX]
Rising: Trojan.PSW.QQPass.qbh (CLOUD)
Ad-Aware: Generic.PWStealer.4.FECCF215
Sophos: Mal/Generic-R
Comodo: Backdoor.Win32.Delf.~DP@1mio9l
F-Secure: Dropper.DR/Delphi.Gen
DrWeb: Trojan.PWS.Fox
Zillya: Trojan.QQPass.Win32.1772
TrendMicro: Mal_Lineage
McAfee-GW-Edition: BehavesLike.Win32.Sytro.lc
CMC: Generic.Win32.07019bc1b3!MD
Emsisoft: Generic.PWStealer.4.FECCF215 (B)
Ikarus: Trojan-PWS.Win32.QQPass
Jiangmin: Trojan/PSW.QQPass.ic
Webroot: W32.Malware.Gen
Avira: DR/Delphi.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan[PSW]/Win32.QQPass
Microsoft: PWS:Win32/Gamania.gen!D
Arcabit: Generic.PWStealer.4.FECCF215
AhnLab-V3: Trojan/Win32.QQPass.C210792
ZoneAlarm: Trojan-PSW.Win32.QQPass.jl
GData: Generic.PWStealer.4.FECCF215
Cynet: Malicious (score: 100)
TotalDefense: Win32/Lineage.BJM
VBA32: MalwareScope.Trojan-PSW.Game.7
ALYac: Generic.PWStealer.4.FECCF215
Malwarebytes: PolyRansom.Virus.FileInfector.DDS
Panda: Trj/QQPass.QV
TrendMicro-HouseCall: Mal_Lineage
Tencent: Malware.Win32.Gencirc.10c85567
Yandex: Trojan.GenAsa!EKe4anrraVI
SentinelOne: Static AI – Suspicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/QQPass.FQ!tr.pws
AVG: Win32:Evo-gen [Susp]
MaxSecure: Trojan.Malware.300983.susgen

How to remove PWS:Win32/Gamania!D?

PWS:Win32/Gamania!D removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.