Home > General > W32/Winko.worm.dll


Careers Legal Policies & Privacy Contact Us Site Feedback Participate in Research Site Map

Users running other Windows versions can proceed with the succeeding solution set(s). The following threats are known to be associated with the file "213a0440.dll": Threat AliasNumber of Incidents Trojan.DL.Agent.VRX [PC Tools]374 W32/Winko.worm.dll [McAfee]301 WORM_AUTORUN.TA [Trend Micro]172 Backdoor.Win32.Agent.ahj [Kaspersky Lab]138 TROJ_NSPAK.A [Trend Micro]133 BackDoor-DKA Such determination can only be made by observing its dynamic behaviour.

Therefore, even after you remove W32/Winko.worm.dll from your computer, it’s very important to clean the registry. Your Windows Registry should now be cleaned of any remnants or infected keys related to W32/Winko.worm.dll. To get rid of W32/Winko.worm.dll, the first step is to install it, scan your computer, and remove the threat. It drops copies of itself in all physical drivesand in all removable drives. http://www.mcafee.com/threat-intelligence/malware/default.aspx?id=142652

Restarting in Safe Mode This malware has characteristics that require the computer to be restarted in safe mode. They are often spread by a network or by transmission to a removable medium such as a removable disk, writable CD, or USB drive. Go to this page for instructions on how to restart your computer in safe mode. Deleting Malware-created AUTORUN.INF/s Right-click Start then click Search...

On windows XP: Insert the Windows XP CD into the CD-ROM drive and restart the computer.When the "Welcome to Setup" screen appears, press R to start the Recovery Console.Select the Windows Hi gang, I've been working on this computer for a couple of days, and I can't seem to get rid Thread Tools Search this Thread 04-11-2008, 05:40 AM Trend Micro offers best-of-breed antivirus and content-security solutions for your corporate network, small and medium business, mobile device or home PC.

About Trend Micro Sign In All Rights Reserved.

Such determination can only be made by observing its dynamic behaviour. UnHackMe quickly removes rootkits/malware/adware/browser hijack issues! You can hold the Shift key to select multiple drives to scan. http://www.solvusoft.com/en/malware/viruses/w32-winko-worm-dll/ Threat Encyclopedia Save & Share Choose your country: US, Canada UK, Ireland Australia, NZ Asia Pacific Japan Taiwan China Germany France Italy Mexico Brazil WORM_WINKO.AO Overview Overview Malware type:Worm Aliases:Worm.Win32.AutoRun.bnk

It does this by creating the following registry key(s)/entry(ies): HKEY_CURRENT_USER\SYSTEM\CurrentControlSet\Services\2C7E4380 Description = "93348300" DisplayName = "2C7E4380" ImagePath = "%System%\66857980.EXE -k" ObjectName = "LocalSystem" (Note: %System% is the Windows system folder, which Other Internet users can use HouseCall, the Trend Micro online threat scanner. The following threats are known to be associated with the file "6553bb80.dll": Threat AliasNumber of Incidents TROJ_NSPAK.A [Trend Micro]189 Trojan.DL.Agent.VRX [PC Tools]182 W32/Winko.worm.dll [McAfee]86 Generic.dx [McAfee]81 Backdoor.Win32.Agent.ahj [Kaspersky Lab]75 Packed/NSPack [PC Solution: Identifying the Malware Files Scan your computer with your Trend Micro antivirus product.

The best method for avoiding infection is prevention; avoid downloading and installing programs from untrusted sources or opening executable mail attachments. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP). CLICK HERE to verify Solvusoft's Microsoft Gold Certified Status with Microsoft >> CLOSE Tech Support Forum Security Center Virus/Trojan/Spyware Help General Computer Security Computer Security News Microsoft Support BSOD, Crashes And To remove W32/Winko.worm.dll from your computer using ClamWin, you need to perform the following steps: Step 1 Access http://www.clamwin.com/content/view/18/46/ and click the Download Now button to download ClamWIn.

UnHackMe uses minimum of computer resources. Here's my log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:16:09 AM, on 4/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running Regardless of the virus' behavior, the primary objective of computer hackers who program viruses such as like W32/Winko.worm.dll is to delete, destroy, or steal data. Although many viruses contain a destructive payload, it's quite common for viruses to do nothing more than spread from one system to another.

Minimum Engine 5600.1067 File Length 17371 Description

Download the latest scan engine here. Deleting/Restoring Other Registry Entries Still in Registry Editor, in the left panel, double-click the following: HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>PCHealth>ErrorReporting In the right panel, locate the entry: DoReport = "0" Right-click on the value name As a result, malicious routines of the downloaded files may be exhibited on the affected system. UnHackMe uses minimum of computer resources.

Click the Yes button. File Extensions Device Drivers File Troubleshooting Directory File Analysis Tool Errors Troubleshooting Directory Malware Troubleshooting Windows 8 Troubleshooting Guide Windows 10 Troubleshooting Guide Multipurpose Internet Mail Extensions (MIME) Encyclopedia Windows Performance Copying message to...

Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).

Step 3 Click the Next button. It does this by creating registry entry It creates and modifies registry entries as part of its installation routine. problem with two inboxes in Outlook Thunderbird. It drops component files.

For additional information about this threat, see: Description created:Jan. 11, 2008 8:13:16 AM GMT -0800

Technical Details Technical Details File type:PE

Password Site Map Posting Help Register Rules Today's Posts Search Site Map Home Forum Rules Members List Contact Us Community Links Pictures & Albums Members List Search Forums Show Threads Once a virus such as W32/Winko.worm.dll gains entry into your computer, the symptoms of infection can vary depending on the type of virus. It accesses Web sites to download files. All rights reserved.

There are also more harmful viruses that present the infamous “blue screen of death”, a critical system error that forces you to keep restarting your computer. Malware Analysis of W32/Winko!worm - 482E611E.DLL Created files: %Program Files%\Google\Chrome\Application\46.0.2490.80\widevinecdmadapter.dll %Program Files%\Google\Chrome\Application\46.0.2490.80\xinput1_3.dll %SysDir%\482E611E.DLL %SysDir%\F4619114.EXE %SysDir%\index.dat Autostart registry keys: HKLM\System\CurrentControlSet\Services\152B478C\ImagePath: "%SysDir%\F4619114.EXE -k" HKLM\System\CurrentControlSet\Services\152B478C\DisplayName: "152B478C" HKCU\SYSTEM\CurrentControlSet\Services\152B478C\DisplayName: "152B478C" HKCU\SYSTEM\CurrentControlSet\Services\152B478C\ImagePath: "%SysDir%\F4619114.EXE -k" HKLM\Software\Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\LocalServer32\: ""%Program Files%\Google\Chrome\Application\46.0.2490.80\delegate_execute.exe"" The file "213a0440.dll" is known to be created under the following filename: %System%\213a0440.dll Note: %System% is a variable that refers to the System folder. It registers itself as a system service to ensure its automatic execution at every system startup.

Step 13 Click the Close () button in the main window to exit CCleaner. Refer to this Microsoft article for more information about modifying your computer's registry. VirusTotal (0/56). Step 3 Click the Next button.

Change the value data of this entry to: 1 In the left panel, double-click the following: HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Windows> CurrentVersion>Explorer>Advanced>Folder>Hidden>SHOWALL In the right panel, locate the entry: CheckedValue = "0" Right-click on the