How many of you use Windows? Well, it’s a bad……very bad idea to use it. I was using it lately just to find out that the system had a bunch of trojans! The user had no clue of it. Process: “wininit.exe”. If you use Windows Vista, see if you have that app running. It’s a WOLLF.16. Apparently, wininit.exe is a crucial system file in Vista, that if you try to kill it(which you will succeed), what do you see? A blue screen! Your system has just crashed!
What is “wininit.exe” exactly?
It looks for a file called “WinInit.INI”. If its found, it processes the commands found in this file. There is your malware hidden. It’s very dangerous when a filename crosses between legit, malware, etc.
The registry needs to edited to delete this Trojan
1. Click START, RUN
2. Type REGEDIT and hit ENTER key
3. In the left panel, click the “+” to the left of the following:
4. In the right panel, search for any of the registry key that contains the data value of bymer.scanner = “%virus path and filename%”
Where %virus path and filename% is the complete path of the Trojan.
5. Make a note of the exact path to the virus, then close Regedit.
6. Restart the Computer in MS-DOS Mode.
7. Delete the file name referenced in Step 3 above
8. Reboot the system
9. Following the information in Steps 1 and 2, open Regedit and proceed to the Run line
10. In the right window, highlight the registry key that loads the file and press the DELETE key. Answer YES to delete the entry. Exit the registry.
11. Scan your system with an up-to-date antivirus program and clean any infected files