Support Forum Articles File Help Startup DB Tips Service DB Hijack This! Analyzer

 

HijackThis automated log analyzer! Submit a log and you will receive ALL the information we have in our DB's on everything on your system INSTANTLY!

windrv32.exe


Click here to scan for windrv32.exe Related Errors and Optimize PC performance

windrv32.exe
What is it?
windrv32.exe is a file associated with the W32.Mydoom.T@mm mass mailing worm

What does it do?
W32.Mydoom.T@mm is a mass-mailing worm that downloads a copy of Backdoor.Nemog.B.
Once W32.Mydoom.T@mm is executed, it performs the following actions:
  1. Creates the following copies of itself:
    • %System%windrv32.exe
    • %Userprofile%Start MenuProgramsStartupautostart.exe

      Notes:
    • %System% is a variable that refers to the System folder. By default, this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP).
    • %Userprofile% is a variable that refers to the current user's profile folder. By default, this is C:Documents and Settings<Current User> (Windows NT/2000/XP).
  2. Downloads, saves, and executes a temporary file from one of the following domains:
  3. Adds the value:


    "WinSPF" = "%System%windrv32.exe"

    to the following registry keys:

    HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun
    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun

    so that it is executed every time Windows starts.
More info and Removal
@symantec

Fix windrv32.exe Errors: Free Scan

Recommended: Run a Free Performance Scan to automatically optimize memory, CPU and Internet Settings




windrv32.exe is Spyware!

Startup DB Entries:
[windrv]"Added by an unidentified VIRUSb
[WinSPF]"Added by the MYDOOM.T WORM!" b

Service DB Entries:
Nothing Found

Disclaimer

Every attempt has been made to ensure the information about windrv32.exe is accurate but alot of malware applications try to pose as valid applications. If it is something other than what was posted above please leave some feedback in the forum.
Printer Friendly

User Comments
Security Risks - Adware Spyware
sndconfg16.exe | salm.exe | isass.exe | se.dll | kazza.exe | backweb-7288971.exe | bridge.dll | wtoolsa.exe | tkbellexe.exe | dl.exe | newdot~1.dll | wupdt.exe | mwsoemon.exe | saie.exe | webrebates0.exe | bxxs5.dll | funny.exe | 180ax.exe | randreco.exe | mssearchnet.exe | service.exe | webrebates1.exe | saap.exe | sais.exe | wsup.exe | backweb-137903.exe | sed.exe | alcmtr.exe | wo.exe | ffisearch.exe | optimize.exe | iadhide4.dll | backweb-8876480.exe | cdaengine0400.dll | istsvc.exe | newdotnet6_38.dll | Fvprotect.exe | Winupdate.exe | java.exe | cmesys.exe |