Wininimil.exe automatically start
Sunday, July 18, 2004 at 12:00 pm
Posted by mabrus
(2 messages posted)
Hello! I'm using Win2000 and I've the following problem: each time I start my computer,
I've an error message from the program Wininimil.exe which tells me a that "xxx.tmp
is not a windows image". First question: does anyone knows what winimil is? and
how can I avoid this program to start? I tried to remove the registry key in the
"Software/Microsoft/Windows/Run", but each time I restart my computer, the registry
key reappears.
Does anyone has an idea how I could solve my problem?
Tanks,
MAB
[Reply or follow-up to this message]
|
re: Wininimil.exe automatically start
Sunday, July 18, 2004 at 2:31 pm
Posted by DEX
(11739 messages posted)
W32.Spybot.Worm///Wininimil.exe
Worm.P2P.SpyBot.gen [ Kaspersky ]
W32/Spybot-Fam [ Sophos ]
W32/Spybot.worm.gen [ McAfee ]
RM_SPYBOT.GEN [ trend ]
Win32.Spybot.gen [ computer Associates ]
Kind: Worm
from: KaZaa, IRC
W32.Spybot.Worm (Spybot is the Bezeichung of a whole family of worms. Individual
variants are marked with the identification letters of the respective variant. Example
W32.Spybot.dr.
Spybot a worm is, that itself over the file sharing system KaZaa and over IRC (Internet
Relay Chat) spread. Some variants have additional spreading mechanisms over safety
gaps in the Windows Operating system.
Most variants contain a Backdoor Function, over which an aggressor receives full
control of the infected computer.
With the infection of the computer the worm copies itself into the Windows %System%
listing. The file name is different with the different variants.
Example: c:\windows\system32\wininimil.exe
Note:
%System% are a system variable, which contains the actual file path. This varies
with the different Windows versions. Example: %System% contain C:\Windows\System
with Windows 95/98/Me, C:\Winnt\System32 with Windows NT/2000, and C:\Windows\System32
with Windows XP.
Spybot becomes with the system start by one or more entries in the Windows Registry
activated.
Example:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Microsoft update Machine = wininimil.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Microsoft update Machine = wininimil.exe
Further functions, those in different variants of Spybot are implemented:
* Denial OF service (DOS) Attack on certain goals
* Deactivate from anti-virus software
* Note from keyboard entries
* Passing on of system and user information
Distance of Spybot:
As is the case for many other viruses, or Trojan horses, Spybot knows worms not in
the current system to be removed:
* the current process blocks the file
* Windows protects the listing, in which the program is
* the system re-establishment of Windows Me/XP restores the file after the deletion
For distance should be proceeded as follows:
1. System re-establishment of Windows Me/XP deactivate
2. Start of the computer into the secured mode
3. all files with current virus definitions to examine leave
4. if by the virus protection program settles not automatically:
* infected files delete
* Entries from the Windows registration remove
5. normal system start
6. System re-establishment (Me/XP) activate
Note:
Extensive consequences can have change in the Windows registration. Manual changes
should be accomplished only in the exceptional case by users with sufficient knowledge.
(provided: 15.07.2004)
------------------------------------------------------
Spywareinfo,,,,,This web site has alot of links,Free and Try b/4 you buy programs
That you can download that will remove Spyware,Virus,Spam Email, and many others..
The Web is now a Electronic Jungle ,so you need to have the tools that will keep
you safe in the World Wide Jungle
***To see the list go to ,see below
http://www.spywareinfo.com/downloads.php?cat=sp
---------------------------------------------------------
Download AVG by Grisoft,Anti-Virus System,it's FREE,for single home users:
AVG Free Edition and get:
1.AVG Resident Protection
2.AVG e-mail Scanner
3.AVG On-Demand Scanner
4.Basic Scheduled Tests
5.Free Virus Database Updates
6.Automatic Update feature
7.Easy-To-Use Interface
8.Automatic Healing of infected files
9.AVG Virus Vault for safe handling of infected files
9a.Plus you can run it under DOS with 32bit format...
9b And it puts Norton/McAfee to shame.........
9c You will need a e-mail address to get you SN # to install it.
Download from http://www.grisoft.com/us/us_dwnl_free.php
--------------------------------------------------------
Download SpywareGuard ,it's FREE
SpywareGuard is a real-time anti-spyware program.
it eats alot of ram but it works...
from http://www.wilderssecurity.net/spywareguarddonate.html
---------------------------------------------------------
Download Spybot install it,then run it in Safe mode (F8 key to boot)
then download Spyware Blaster it keeps them OFF your machine,,It's FREE
Spybot from http://www.safer-networking.org/index.php?lang=en&page=download
--------------------------------------------------------
Spyware Blaster.It's FREE, from see below
http://www.javacoolsoftware.com/spywareblaster.html
if you get a error ( it can't find mscomctl.ocx file download the one below)
http://www.spywareinfo.com/forums/index.php?showtopic=6756
--------------------------------------------------------
see other downloads below
--------------------------------------------------------
Download CWShredder,It's FREE, from http://www.spychecker.com/program/cwshredder.html
CW Shredder is one that you need to take care with, read all the items that
pop up ....because it will do just that...
--------------------------------------------------------------------------
Ad-aware It's FREE, from http://www.lavasoftusa.com/ this is a good one it's like
Spybot but finds some more that are hidden.....
-------------------------------------------------------------------------
Download and Check your machine on line with HiJacker.It's FREE
URL Link http://www.noadware.net/?hop=diginfo
------------------------------------------------------------
Plus download a fire wall like ZoneAlarm.....it's FREE
from http://download.com.com/3000-2092-10039884.html
or from
http://www.zonelabs.com/store/content/company/products/trial_zaFamily/trial_zaFamily.jsp?lid=home_freedownloads
------------------------------------------------------
ToolbarCop, to remove the unwanted Toolbands
ToolbarCop v2.4
http://www.mvps.org/sramesh2k/toolbarcop.htm
-----------------------------------------------------
hope this helps τΏτ
On Sunday, July 18, 2004 at 12:00 pm, mabrus wrote:
>Hello! I'm using Win2000 and I've the following problem: each time I start my computer,
>I've an error message from the program Wininimil.exe which tells me a that "xxx.tmp
>is not a windows image". First question: does anyone knows what winimil is? and
>how can I avoid this program to start? I tried to remove the registry key in the
>"Software/Microsoft/Windows/Run", but each time I restart my computer, the registry
>key reappears.
>Does anyone has an idea how I could solve my problem?
>
>Tanks,
>MAB
[Reply or follow-up to this message]
|
