Click on screenshot to zoom
Danger level 7
Type: Trojans

Other mutations known as:
Trojan.Wimpixo.A

Trojan.Wimpixo

Trojan.Wimpixo is a dynamic link library (DLL) file which is bundled with other malware. It acts as a keylogger, stealing sensitive information such as passwords and usernames, and relays the stolen data to a remote server. This Trojan is extremely subversive and difficult to detect, and its only recognizable symptoms on the system will come from alerts generated by installed security software. This is because Trojan.Wimpixo performs all of its actions in the system background, not alerting the PC owner to its presence on the system.

This Trojan will be guise itself under the file name of \6to4v32.dll in an attempt to make detection by security software and the user that much harder. When Trojan.Wimpixo runs, it collects the infected computer’s name, the user name, MSC address and security identifier name for the account. It will then connect to andjobs.com, 1pennyhotels.com and hotelseas.com, to deliver the stolen info. It will also search “certstore.dat” on the infected PC’s default system folder and relay the file’s contents to its originators.

What is more, Trojan.Wimpixo opens up the infected PC’s firewall, which makes it that much easier for other malware to enter and root itself in the system. DriverUpdaterPro.exe is a process of Trojan.Wimpixo which tries to run secretly in the system background. It is known for creating other processes on the hard drive, and to delete other processes from the disk. It also adds a Registry Key to auto start programs on system start up, and can communicate via HTTP protocols with other computers without the user’s permission.

Trojan.Wimpixo.A creates a backdoor for other malware to more easily gain access to the infected PC, and this is achieved by the Trojan taking advantage of known system vulnerabilities and susceptibilities. Pirate versions of the Windows operating system will not resist this backdoor being created, while legitimate versions of Windows might detect the threat, and notify the user of its presence while preventing the creation of the backdoor. However if the system is infected by Trojan.Wimpixo it will allow access of the system to remote hackers, and the only way to stop this is to permanently destroy Trojan.Wimpixo from the PC.

This Trojan will give cyber criminals access to your most private information, making you vulnerable to identity and credit card fraud, among other criminally victimizing acts. In order to restore your PC’s security and safety, obliterate Trojan.Wimpixo completely. This can best be achieved by making use of the removal power of a genuine security tool, whereas trying to manually remove Trojan.Wimpixo might leave your PC severely damaged if you are inexperienced in such matters. Investing in a genuine security tool will also protect your PC against similar future attacks and threats.

Download Spyware Removal Tool to Remove* Trojan.Wimpixo
  • Quick & tested solution for Trojan.Wimpixo removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Trojan.Wimpixo

Files associated with Trojan.Wimpixo infection:

Ipripv32.dll
Iasv32.dll
Browsv32.dll
ClamAVFile
xml2u32i.dll
Browsv32.dll
SMbbc_179.exe
mspnp5e9f.exe
io80683.dll
heathers.exe
6to4ex.dll
mnsyt.exe
xjzitk107_2262[1].exe
SmitfraudFix.exe
Recycle.Bin.exe
MARA_NOD32_Fix_CutetyClub.exe
Irmontype.dll
DriverUpdaterPro.exe
6to4v32.dll
Ipripv32.dll
Iasv32.dll
FastUv32.dll
raspppoe.sys
userMainvga.dll
UNCWMDRbKK.exe
sbload8A.dll
feb.sys
eghh.dco
514.exe
FastUv32.dll
6to4v32.dll

Trojan.Wimpixo DLL's to remove:

Browsv32.dll
FastUv32.dll
Ipripv32.dll
6to4v32.dll
Iasv32.dll
xml2u32i.dll
Browsv32.dll
io80683.dll
6to4ex.dll
Irmontype.dll
6to4v32.dll
Ipripv32.dll
Iasv32.dll
FastUv32.dll
userMainvga.dll
sbload8A.dll

Trojan.Wimpixo processes to kill:

SMbbc_179.exe
mspnp5e9f.exe
heathers.exe
mnsyt.exe
xjzitk107_2262[1].exe
SmitfraudFix.exe
Recycle.Bin.exe
MARA_NOD32_Fix_CutetyClub.exe
DriverUpdaterPro.exe
UNCWMDRbKK.exe
514.exe

Remove Trojan.Wimpixo registry entries:

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ fesnn3
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.