Search Solo Products, Services and others Overview of the Site Design and Build a Career Contact us for customer service and other feedback info SRN Micro Privacy Statement

 


WINTASK.EXE PROCESS INFORMATION

Process Name  : Winstask.exe

Process Path : %SYSTEM%\wintask.exe [ C:\Windows\System32\wintask.exe ]

Process type    : Internet Worm

Malware Name : W32.Navidad@mm

Alias             : I-Worm.Navidad, W32/Navidad@mm, W32/Navidad-B

Threat level : Low

Process Details :

                     Wintask.exe is dropped by Navidad.b worm. It is the modified variant of Navidad worm and it uses different icon and file name to spread. The worm is 16,896 bytes long {16.5and it is packed with UPX file compressor. The e-mail attachment name will be "EMANUEL.EXE".

                     While opening the e-mail attachment, the worm will show the following error message. When the user clicks ok button it will create a flower icon in the tray.

    

When the infected user clicks the flower icon, it will display following message.

When the message box button is pressed it will display the followinmg message.

When the user try to close the message box it will display the following message box.

                    The worm drops "WINTASK.EXE" in the Windows system folder and it modifies the registry settings to load automatically. So the infected user can't run any Windows applications. When the user try to run an application, the worm file is executed and it will generate one more flower icon in the tray.

                    The worm also sends infected mails to the mails stored in the inbox. The message subject will be "RE:" and the message body will be empty. The e-mail attachment name will be "EMANUEL.EXE".

How can I protect my system?

                   Solo has incorporated wintask.exe in its signature file to protect users from this worm attack. Solo antivirus registered users are already protected from this worm. Make sure that you have installed registered version of Solo Antivirus to protect your system from all virus threats.

How to remove this worm?

                   If you are already infected with wintask.exe process, you can remove it from your computer using Solo Antivirus software. Solo antivirus can detect and remove W32.Navidad@mm safely. Use the following link to Download 30 day trial version of Solo antivirus to remove viruses from your computer.

                   Solo anti-virus not only scans for all viruses, it contains a unique System Integrity Checker to protect you from New Internet Worms, Backdoors and malicious VB, Java Scripts. It also effectively removes all existing Internet Worms, File viruses, malicious VB, Java scripts, Trojans, Backdoors, boot sector, partition table and macro viruses.

You can purchase Solo antivirus using the link