wmiprvse.exe - Dangerous
%system%\wmiprvse.exe
Manual removal instructions:
Antivirus Report of %system%\wmiprvse.exe:
%system%\wmiprvse.exe
Trojan.Gletta.A is a Trojan horse that steals Internet banking passwords.
It logs keystrokes when you visit certain Web pages and emails the log to the attacker.
Web pages that link to .CHM files to exploit the Microsoft Internet Explorer ITS Protocol Zone Bypass Vulnerability are known to distribute Trojan.Gletta.A.
Captures all the keystrokes entered into any windows that match predefined list, and writes them into a log file.
Uses its own SMTP engine to send the log file to an external mail account.
It uses an SMTP server in Russia to send the mail.
The mail has the following characteristics:
Both the FROM and TO addresses have the domain "mail.ru"
The subject starts with "Business News from "
Use RegRun Startup Optimizer to remove it from your system.
%system%\wmiprvse.exe | Malware |
%system%\wmiprvse.exe | Dangerous |
%system%\wmiprvse.exe | High Risk |
It logs keystrokes when you visit certain Web pages and emails the log to the attacker.
Web pages that link to .CHM files to exploit the Microsoft Internet Explorer ITS Protocol Zone Bypass Vulnerability are known to distribute Trojan.Gletta.A.
Captures all the keystrokes entered into any windows that match predefined list, and writes them into a log file.
Uses its own SMTP engine to send the log file to an external mail account.
It uses an SMTP server in Russia to send the mail.
The mail has the following characteristics:
Both the FROM and TO addresses have the domain "mail.ru"
The subject starts with "Business News from "
Use RegRun Startup Optimizer to remove it from your system.
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.