« previous next »
Pages: [1]   Go Down

Author Topic: I have Winime.exe on my desktop  (Read 6012 times)

0 Members and 1 Guest are viewing this topic.

altar

  • Guest
I have Winime.exe on my desktop
« on: November 09, 2006, 04:20:51 AM »
In addition to that lasse.exe, I realize that I also have a thing called winime.exe on my desktop!
How did this stuff pass through the Sygate Firewall and why isn't Avast noticing it?
Logged

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33923
  • malware fighter
Re: I have Winime.exe on my desktop
« Reply #1 on: November 09, 2006, 08:08:12 AM »
Hi altar,

%windir%\winime.exe
    %WinDir%\winime.exe is Trojan/Backdoor.
    Kill the process %WinDir%\winime.exe and remove %WinDir%\winime.exe from Windows startup.
 First, download this program called autoruns and save it to the desktop. Then, once launched, go to options->hide microsoft entries. Look through the tabs to see if there is anything that goes with winime.exe or anything that doesn't have a description and uncheck it. BE VERY CAREFUL. IF YOU UNCHECK CERTIAN THINGS, YOU COULD DAMAGE YOUR COMPUTER.
then go into safe mode by pressing F8 while your computer is starting to boot up. Click on administrator and delete anything, including the registry keys, that goes with winime.exe.

Source(s): also read instructions there.
Autoruns: http://www.microsoft.com/technet/sysinternals/utilities/Autoruns.mspx

polonus

Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

altar

  • Guest
Re: I have Winime.exe on my desktop
« Reply #2 on: November 09, 2006, 09:07:51 AM »
Hi Polonus,
Thank you for your help,
I ran autoruns but could find anything, there are things that I don't recognize but don't want to take the risk.
After I ran msconfig and found that the last event was that Lasse.exe trying to load,
so I unticked it, was I right to do that?
The program in the hidden files of the Windows folder, with lots of other weird looking files.
Can I try to delete Lasse.exe from those hidden files?
I haven't found anything related to that winime yet (although I think they came onto my computer at the same time, maybe together)
Can I try and delete that winime from the desktop?
Logged

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: I have Winime.exe on my desktop
« Reply #3 on: November 09, 2006, 11:52:52 AM »
Quote from: altar on November 09, 2006, 09:07:51 AM
Can I try and delete that winime from the desktop?
Yes you can but unless you follow all instructions to get clean, most probably, the infection will come back.
If a virus is replicant (coming and coming again), you should:

1) Disable System Restore on Windows XP: http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;310405
    or on Windows ME: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q264887
2) Clean your temporary files.
3) With XP, schedule a boot time scanning with avast. Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot.
4) Use a-squared, Free AVG Antispyware, SUPERantispyware or Spyware Terminator (trojan removers).
Logged
The best things in life are free.
Pages: [1]   Go Up
« previous next »