Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer


HijackThis automated log analyzer! Submit a log and you will receive ALL the information we have in our DB's on everything on your system INSTANTLY!


Click here to scan for windrv32.exe Related Errors and Optimize PC performance

What is it?
windrv32.exe is a file associated with the W32.Mydoom.T@mm mass mailing worm

What does it do?
W32.Mydoom.T@mm is a mass-mailing worm that downloads a copy of Backdoor.Nemog.B.
Once W32.Mydoom.T@mm is executed, it performs the following actions:
  1. Creates the following copies of itself:
    • %System%windrv32.exe
    • %Userprofile%Start MenuProgramsStartupautostart.exe

    • %System% is a variable that refers to the System folder. By default, this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
    • %Userprofile% is a variable that refers to the current user's profile folder. By default, this is C:Documents and Settings<Current User> (Windows NT/2000/XP).
  2. Downloads, saves, and executes a temporary file from one of the following domains:
  3. Adds the value:

    "WinSPF" = "%System%windrv32.exe"

    to the following registry keys:


    so that it is executed every time Windows starts.
More info and Removal

Fix windrv32.exe Errors: Free Scan

Recommended: Run a Free Performance Scan to automatically optimize memory, CPU and Internet Settings

windrv32.exe is Spyware!

Startup DB Entries:
[windrv]"Added by an unidentified VIRUSb
[WinSPF]"Added by the MYDOOM.T WORM!" b

Service DB Entries:
Nothing Found


Every attempt has been made to ensure the information about windrv32.exe is accurate but alot of malware applications try to pose as valid applications. If it is something other than what was posted above please leave some feedback in the forum.
Printer Friendly

User Comments
Security Risks - Adware Spyware
sndconfg16.exe | salm.exe | isass.exe | se.dll | kazza.exe | backweb-7288971.exe | bridge.dll | wtoolsa.exe | tkbellexe.exe | dl.exe | newdot~1.dll | wupdt.exe | mwsoemon.exe | saie.exe | webrebates0.exe | bxxs5.dll | funny.exe | 180ax.exe | randreco.exe | mssearchnet.exe | service.exe | webrebates1.exe | saap.exe | sais.exe | wsup.exe | backweb-137903.exe | sed.exe | alcmtr.exe | wo.exe | ffisearch.exe | optimize.exe | iadhide4.dll | backweb-8876480.exe | cdaengine0400.dll | istsvc.exe | newdotnet6_38.dll | Fvprotect.exe | Winupdate.exe | java.exe | cmesys.exe |