Wintoo

By GoldSparrow in Worms

Translate To:

Wintoo, which is also known as Sexer, is a malicious worm that spreads via e-mail contained in messages that are infected with executable attachments. The email message and subject are in Russian. The Wintoo worm installs onto the users PC after it is executed and makes changes to the user's desktop background image. Wintoo will run on every Windows startup.

File System Details

Wintoo may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	win2drv.exe
Name: win2drv.exe Type: Executable File
2.	sex.exe
Name: sex.exe Type: Executable File
3.	kavutil.exe
Name: kavutil.exe Type: Executable File
4.	sex.bmp
Name: sex.bmp
5.	kavutil.bmp
Name: kavutil.bmp

Registry Details

Wintoo may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunWin2Drv

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunKAVutil

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Wintoo

File System Details

Registry Details

Submit Comment

Related Posts

WinTools

Trojan.WinTools

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen