NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  

Remove Wintoo. Description and removal instructions

 
Title: Wintoo
 Also known as: Sexer
Type: Worms
Severity scale:Wintoo severity is 41  (41 / 100)
 
Wintoo, also known as Sexer, is an Internet worm that propagates by e-mail in messages with infected executable attachments. The message's body and subject are written in Russian. Once executed, the parasite installs itself to the system, changes the desktop background image and runs a spreading routine. Wintoo sends malicious letters to all the addresses it finds in the Windows Address Book. The threat doesn't carry any destructive payload. Wintoo runs on every Windows startup.

FORUM:
Discuss Wintoo in
spyware removal forum

Wintoo properties:
• Hides from the user
• Stays resident in background

Automatic Wintoo removal:

remover for Wintoo

Wintoo manual removal:

Kill processes:
kavutil.exe, sex.exe, win2drv.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KAVutil
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Win2Drv
HELP:
how to remove registry entries

Delete files:
kavutil.exe, sex.exe, win2drv.exe, kavutil.bmp, sex.bmp
HELP:
how to remove harmful files

Misc:
kavutil.exe and win2drv.exe files come attached to Wintoo e-mail messages.

Exact file location:
sex.exe, sex.bmp - C:
kavutil.exe, kavutil.bmp - C:\Program Files\Common Files\System

Other programs to remove Wintoo:

• Malwarebytes Anti Malware - Review - Download
• Malwarebytes Anti Malware - Review - Download
• Windows Defender - Review - Download

Information added: 19/03/04
Information updated: 30/09/05

Additional resources related to Wintoo:

Attention: If you know or you have a website or page about Wintoo removal, feel free to add a link to this list: add url



more resources

Post Comment:

Attention: Use this form only if you have additional information about Wintoo parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.



Enter security code:

Latest spyware news:
Similar parasites:
Related discussions:
Latest Spyware Threats: VirusProtect Pro | VirusLocker | SpyCrush | ContraVirus | SpyLocked | SpyDawn | AntiVerminser | SpywareQuake | VirusBurst | AntiVermins | AntiVermeans | Zlob | PopCorn.net | MovieLand | TagASaurus | BraveSentry | VirusBurster | SystemDoctor | VirusRescue | MalwareWipe | SpySheriff | CmdService | Smitfraud | SpywareStrike | WinFixer | WinHound | PestTrap | UnSpyPC
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2008 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.