© 2008 System-Protector.com All Rights Reserved.
Bit Defender | Kaspersky | ESET NOD32 | AVG Antivirus | F-Secure Antivirus | Trend Micro | McAfee VirusScan | Norton antivirus | CA Antivirus | Norman Antivirus | G DATA Antivirus | Panda Antivirus | AVAST Antivirus | F-Prot antivirus | PC Tools Antivirus | Webroot Antivirus | ViRobot
Latest in trend:
» viruses
W32.Winemmem!inf
How to remove W32.Winemmem!inf?
What is W32.Winemmem!inf?
Discovered on November 14th 2008, W32.Winemmem!inf is a virus that infects .dll files. It also downloads potentially malicious files from the Internet.
The systems that are affected are Windows XP, Windows Server 2003, Windows 2000
How does it affect your PC?
When the virus executes, it searches for executable files in the following locations:
- The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run subkey
- %Desktop%\*.lnk
- %UserProfile%\Application Data
The virus then searches for .dll files associated with the .exe files that it finds. Next, the virus copies the .dll files to the same folder that contains the .exe file. It then infects the copied .dll so that malicious code is executed whenever any of the .exe files run. The virus then hooks the Send API in order to access the following sites whenever an application uses the Send API:
- [http://]update.microsoft.com
- [http://]www.ritecounter.com/scripts/html[REMOVED]
- [http://]c.statcounter.com/4130495/0/2d4c10c8/[REMOVED]
It may also download and execute remote files from following locations:
- [http://]vamqueen.MrBonus.com
- [http://]vamqueen.c0m.st
How to remove W32.Winemmem!inf?
- 1. Restart the computer using the Windows Recovery Console.
- 2. Disable System Restore (Windows Me/XP).
- 3. Update the virus definitions.
- 4. Run a full system scan.