Note: I was literally crying when I was affected by this stupid virus. I had to bear with it for 3 months, and finally got rid of it. Hurray........ :)

gphone.exe is nowadays one of the most dangerous viruses, and it is spreading very fast. It is a trojan that changes your IE homepage and tries to open Gtalk and Yahoo Messenger. It even sends messages containing arbitrary links to your Gtalk contacts. Never click those links unless you want to get infected by this deadly virus.

The Gphone virus is basically a 260 KB, or sometimes 360 KB, .exe file that looks like a folder but isn't one. Once you have clicked on the virus file, it can take the name of any other folder. If you have a folder named "movies" on your E drive, it will create an exe file in that folder named movies.exe, and if you click on that exe file it too works as a virus. It creates .exe files in all the folders you have, each with the name of its folder.

If you start clicking those exe files, new processes will be added to the process list in Task Manager. Eventually this will slow down the computer.

Names : gphone (a.k.a.) imaut.e (a.k.a.) sohanad.t
Type : IM Worm
Will be shown as : Worm/Autoit.VQV
Detected on : Around December, 2008
Attacks on : Windows XP and Vista
Nuisance level : High
Method of attack : Through IM clients (such as Gtalk and Yahoo Messenger) and pen drives

Prevention
1. Do NOT click on any unauthorized link which you get from your contacts in Gtalk or Yahoo Messenger.
2. Do NOT double click on duplicate folders in a pen drive (a folder with the same name as the parent folder, for example a folder called 'songs.exe' inside the 'songs' folder). They are not actually folders; they are exe files, disguised virus files. You can easily spot the difference, as their size will be around 260 KB or 360 KB.
3. Install a spyware detector like Spyware Doctor to regularly scan for malware.
4. Install Tune Up Utilities to check and fix your registry from serious errors.

CURE

If you are affected by this stupid Gphone virus, don't worry, follow these steps.
1) Download AVG 8.5 or a later version. It is free of cost and you can get it from the www.softpedia.com website. I have used this version of AVG (avg_free_stf_en_85_386a1586).
2) After that, disconnect your internet connection to prevent the virus from spreading itself over the network by sending messages to your contacts.
3) After that, run a whole computer scan to remove this virus. And presto, the virus will be gone.

You may encounter the following viruses, trojans and spyware:

Viruses
Worm/Autoit.VQV
Worm/Generic.EDT
Worm/Generic_c.ZS
Win32/Heur
AutoRun.FN
Generic.XPW
Generic_c.YH
Generic.XPU
Generic.XPV

Trojan Horse
SHeur2.CVH
SHeur2.GJY

Spyware
Adware Generic.JHF
Adware Generic.JBT
Adware Generic.COE

If you still want to further check or clean your computer, then do the following steps, but they are not necessary. Just for our satisfaction.... :)

1) Disconnect once again from the internet.
2) Use the Process Manager in 'Tune Up' or 'Glary Utilities' to delete the "gphone.exe" process.
3) Go to Windows Search (Run > Search) and search the entire computer for ".exe" files that are less than 270 KB, then shift-delete all the duplicate folders which appear (usually they are 262 KB). Remember to include hidden folders in your search.
4) Use a properly updated spyware scanner (like Spyware Doctor) to search the registry for entries corrupted by the virus.
5) Use the Registry Editor to manually search for the infected registry entries and delete them (registry editing is very dangerous, so make sure you do NOT delete the wrong entries). You can edit a corrupted entry by right clicking on it, clicking on "edit" and removing the text "gphone.exe" from the entry.
6) Go to Internet Options in Control Panel, and change the home page of Internet Explorer back to blank. Also add the virus link to restricted sites.
7) Go to Task Scheduler in Control Panel, and delete the entry "At 1 am.... ".. This is the entry which enables the virus to reinstall itself every day even after removing it. Until you remove this entry, the virus will continue to reappear.
8) Scan the whole computer one last time.
9) Restart.
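
The folder-name check from prevention point 2 and step 3 above can also be run as a read-only scan that lists candidates for manual review. This is an added example, not part of the original post; the function names and the 370 KB limit (chosen to cover both file sizes mentioned above) are assumptions.

```python
import os
import sys
import tempfile

# Assumption: the post cites sizes of ~260 KB or ~360 KB; 370 KB covers both.
MAX_SIZE = 370 * 1024


def find_decoy_exes(root, max_size=MAX_SIZE):
    """Return sorted (path, size) pairs for small .exe files named after a folder."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        # A decoy imitates a sibling folder (movies.exe) or its parent (songs/songs.exe).
        folders = {d.lower() for d in dirnames}
        folders.add(os.path.basename(os.path.abspath(dirpath)).lower())
        for name in filenames:
            stem, ext = os.path.splitext(name)
            if ext.lower() != ".exe" or stem.lower() not in folders:
                continue
            path = os.path.join(dirpath, name)
            try:
                size = os.path.getsize(path)
            except OSError:
                continue  # file vanished or is unreadable
            if size <= max_size:
                hits.append((path, size))
    return sorted(hits)


def build_sample_tree(base):
    """Constructed sample data: two decoys and two files that must not match."""
    sizes_kb = {
        "movies.exe": 262,          # beside the movies folder: reported
        "songs/songs.exe": 360,     # inside the songs folder: reported
        "songs/player.exe": 262,    # no folder called "player": ignored
        "movies/movies.exe": 2048,  # name matches but too large: ignored
    }
    for rel, kb in sizes_kb.items():
        path = os.path.join(base, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(b"\0" * (kb * 1024))
    return base


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else build_sample_tree(tempfile.mkdtemp())
    for path, size in find_decoy_exes(root):
        print(f"{size // 1024:>5} KB  {path}")
```

Pass a drive or folder as the first argument to scan it; with no argument the script scans the constructed sample tree. It never deletes anything, so a legitimate program that happens to share a folder's name only shows up in the list.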