I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
WINDRV.EXE – Backdoor IRCBot removal
File | MD5 | Virus Alias |
---|---|---|
WINDRV.EXE | 9a989b33eb386f41f41f109ff317dc8e | Backdoor IRCBot |
WINDRV.EXE | 9a989b33eb386f41f41f109ff317dc8e | Trojan Generic |
WINDRV.EXE | 9a989b33eb386f41f41f109ff317dc8e | Trojan Small |
WINDRV.EXE size: 8192 bytes
WINDRV.EXE hash: 9A989B33EB386F41F41F109FF317DC8E
Created files:
%WinDir%\dllreg.exe
%SysDir%\load32.exe
%SysDir%\vxdmgr32.exe
%WinDir%\windrv.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\load32: %WinDir%\System32\load32.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: explorer.exe %WinDir%\System32\vxdmgr32.exe
Detected by UnHackMe:
WINDRV.EXE
Default location: %WinDir%\WINDRV.EXE
Dropper information:
MD5: 001e6ceb0025c1e3a4ef90c3f2a83d6e
File size: 20507 bytes