Winesm32.exe

I had that in my autostart after being infected with serveal infections (unsure exactly what).
Malwarebytes only found it if I had it in autostart, if I removed it from autostart and moved it to desktop - it would not find it.
Avast did not find anything. NOD32 did not find anything.

I opened it in sandbox and I could see it has malicious activities.

Does anyone know what winesm32.exe is? Or have any information?

winesm32.exe is a trojan/backdoor. To remove it:

  1. disable the process in taskmanager
  2. delete the file
  3. reboot (you can get a warning file not found, if so just ignore it)
  4. run ccleaner
  5. reboot

Keep in mind that there is no AV, malware remover that can detect/clean everything.
For more information on how to check/clean a system thoroughly, please read the site on malware removal in my signature.

Thanks! Do you know any place where I can read more about it? I just find it weird why it was not detected even though if it was scanned deeply, it would be detected that it connects to Russian sites etc.

That’s what made me worried!

Just type in the name of that file into Google. Lot’s of sites that have more information.

That’s the thing. I did and I find no information about it… well, apart from some people mentioning it but nothing official.

Results 1 - 10 of about 4,850 Dutch and English and German pages for Winesm32.exe
See This