Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer

 

HijackThis automated log analyzer! Submit a log and you will receive ALL the information we have in our DB's on everything on your system INSTANTLY!

WinHook32.exe


Click here to scan for WinHook32.exe Related Errors and Optimize PC performance

WinHook32.exe
What is it?
WinHook32.exe is a file associated with the W32.mydoom.ac@mm worm

What does it do?
W32.Mydoom.AC@mm is a mass-mailing worm that launches a Denial of Service (DoS) attack against a remote server. It can also spread through file-sharing networks.
Copies itself as WinHook32.exe in the system folder
  1. Adds the value:

    "SystemWideHook for Windows NT" = "%WinHook32.exe"

    to the registry key:

    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersion
    RunServices
  2. Adds the value:

    "Run" = "WinHook32.exe"

    to the registry key:

    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion
    policiesExplorer
  3. Creates a mutex named "focDSJSODidvjfdsivraSDOSDoisdi", so that only one copy of the worm runs at once on the compromised system.
Searches for the Kazaa, Morpheus, and iMesh-shared folders by querying the registry. It also searches for the following folders:
    • C:Program FileseDonkey2000Incoming
    • C:Program FilesLimeWireShared
  1. Copies itself to the file share folders found, using the following file names:
    • MSNCracker2005.exe
    • GameCrack2005.exe
    • Windows_Activation.exe
    • XP_Crack.exe
    • Office2005.exe
    • Install.exe
    • Setup.exe
Removal

@symantec

Fix WinHook32.exe Errors: Free Scan

Recommended: Run a Free Performance Scan to automatically optimize memory, CPU and Internet Settings




WinHook32.exe is Spyware!

Startup DB Entries:
Nothing Found

Service DB Entries:
Nothing Found

Disclaimer

Every attempt has been made to ensure the information about WinHook32.exe is accurate but alot of malware applications try to pose as valid applications. If it is something other than what was posted above please leave some feedback in the forum.
Printer Friendly

User Comments
Security Risks - Adware Spyware
sndconfg16.exe | salm.exe | isass.exe | se.dll | kazza.exe | backweb-7288971.exe | bridge.dll | wtoolsa.exe | tkbellexe.exe | dl.exe | newdot~1.dll | wupdt.exe | mwsoemon.exe | saie.exe | webrebates0.exe | bxxs5.dll | funny.exe | 180ax.exe | randreco.exe | mssearchnet.exe | service.exe | webrebates1.exe | saap.exe | sais.exe | wsup.exe | backweb-137903.exe | sed.exe | alcmtr.exe | wo.exe | ffisearch.exe | optimize.exe | iadhide4.dll | backweb-8876480.exe | cdaengine0400.dll | istsvc.exe | newdotnet6_38.dll | Fvprotect.exe | Winupdate.exe | java.exe | cmesys.exe |