WMA.Wimad.Drp
WMA.Wimad.Drp is a detection used to identify malicious or infected MP3 files. This Trojan usually spreads through file-sharing networks and infects multimedia files on the victim's computer. The Trojan may also infect several driver and dynamic link library (DLL) files on the compromised system.
Alias: WMA.Wimad[Drp]
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Windows Vista
Characteristics
Once executed, WMA.Wimad.Drp looks for multimedia files. When it finds one, the Trojan may embed malicious code that can execute automatically when the user opens the file. It targets files located inside the directories of P2P software, and it relies on the infected files being shared through this channel in order to spread.
Aside from infecting multimedia files, WMA.Wimad.Drp also drops other types of threats. It does further harm by infecting DLL files and driver files. These new viruses drop multiple harmful files under the Windows system folder. It may also add an unwanted toolbar called Morpheus to Internet Explorer.
Distribution
This Trojan may arrive on a computer posing as a media decoder. It typically spreads on file-sharing networks or peer-to-peer connections. Additionally, WMA.Wimad.Drp may use infected web sites. When a user attempts to view multimedia files on such a site, the Trojan prompts that a decoder is required. However, instead of gaining access to the video, the user may obtain the Trojan without knowing it.
Issue with Avast Antivirus
In some instances, many computer users who encounter a WMA.Wimad.Drp detection are seeing a false positive: the Trojan does not exist on their computer. The main reason Avast detects some files as harmful is a file association that is unknown to older versions of the anti-virus. To resolve this issue, please update your installed Avast program. If the problem persists, scan the computer using an online virus scanner.
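The following Python script helps judge whether a detection on an audio file is more than a file-association false positive: it walks a folder (for example a P2P share) and lists files named .mp3 or .wma whose leading bytes do not match the extension, with a SHA-256 for each so the file can be checked with an online scanner. It is an added example, not part of the original article or of any antivirus product; it assumes the WMA prefix in the detection name refers to Windows Media (ASF) content, and the folder and file names are constructed samples.

```python
import hashlib
import tempfile
from pathlib import Path

# ASF (Windows Media) Header Object GUID in its on-disk byte order.
ASF_HEADER_GUID = bytes.fromhex("3026b2758e66cf11a6d900aa0062ce6c")
# Leading-byte signatures: ASF container, ID3v2-tagged MP3, Windows executable.
SIGNATURES = [(ASF_HEADER_GUID, "asf"), (b"ID3", "mp3"), (b"MZ", "pe")]
# Content each audio extension is expected to hold.
EXPECTED = {".mp3": "mp3", ".wma": "asf"}

def sniff_container(head):
    """Classify a file by its leading bytes, ignoring the extension."""
    for magic, kind in SIGNATURES:
        if head.startswith(magic):
            return kind
    # Untagged MP3: an MPEG audio frame starts with 11 set sync bits.
    if len(head) >= 2 and head[0] == 0xFF and (head[1] & 0xE0) == 0xE0:
        return "mp3"
    return "unknown"

def triage(root):
    """Report audio-named files under root whose content does not match the name."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        ext = path.suffix.lower()
        if not path.is_file() or ext not in EXPECTED:
            continue
        data = path.read_bytes()
        kind = sniff_container(data[:16])
        if kind != EXPECTED[ext]:
            findings.append({"path": str(path), "content": kind,
                             "sha256": hashlib.sha256(data).hexdigest()})
    return findings

def build_sample_folder():
    """Constructed sample input standing in for a P2P shared folder."""
    root = tempfile.mkdtemp(prefix="shared_")
    samples = {
        "song_ok.mp3": b"ID3\x03\x00\x00\x00\x00\x00\x0a" + b"\x00" * 32,
        "song_asf.mp3": ASF_HEADER_GUID + b"\x00" * 32,
        "clip_ok.wma": ASF_HEADER_GUID + b"\x00" * 32,
        "decoder.mp3": b"MZ" + b"\x00" * 32,
    }
    for name, body in samples.items():
        Path(root, name).write_bytes(body)
    return root

if __name__ == "__main__":
    for f in triage(build_sample_folder()):
        print(f["content"], f["sha256"][:16], f["path"])
```

A mismatch is a reason to scan the file with updated definitions, not proof of infection.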
How to Remove WMA.Wimad.Drp
1. Temporarily disable System Restore (Windows Me/XP).
2. To identify even the most recent variant of WMA.Wimad.Drp, open your antivirus application and update the virus definitions.
3. Start Windows in Safe Mode with Networking.
- From a power-off state, turn on the computer and press F8 repeatedly.
- Your computer will display the Windows Advanced Boot Options menu. Select Safe Mode with Networking.
- The system will boot Windows, loading only necessary drivers and system files.
4. Open your antivirus program and run a full system scan. After the scan, delete all infected items. If you are unable to delete them, place them in quarantine instead. Once the scan is complete, please proceed with the next step.
Scan with Stinger:
Stinger is a portable security tool that can detect and remove particular viruses. It utilizes a highly developed scan engine technology that includes process scanning and scan function optimization.
5. Go to Stinger and download the tool. Save it to your desktop.
6. Once the download completes, double-click the file to run the program.
7. The Stinger main program will open.
8. The default directory to scan is the system drive (C:\). You may add additional drives to scan by clicking the Add button.
9. Click the Scan Now button to begin scanning the assigned drives.
10. Stinger will now scan and repair/delete all infected files.
11. When done, you may now close Stinger and restart Windows in normal mode.
Alternative Removal Method for WMA.Wimad.Drp
Option 1: Use Windows System Restore to return Windows to a previous state
If WMA.Wimad.Drp enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a restore point saved from before WMA.Wimad.Drp infiltrated the PC, we highly encourage you to execute this procedure if none of the above works.
stuart
May 12, 2012 @ 09:29:11
tried stinger did not work