win32exec.exe - Dangerous
win32exec.exe
Manual removal instructions:
Antivirus Report of win32exec.exe:
win32exec.exe
W32.Bitter
It is a worm that may be able to propagate through file-share networks.
It is produced by a constructor kit and can inject itself into other processes.
Performs some of the following actions:
- Inject entries into either the Notepad or Microsoft Internet Explorer processes.
- Download and execute a file, it if detects a webcam.
- Notify an attacker of its existence through a Web portal at the domain icq.com.
- Delete the original file that was executed.
- Be configured to only execute on a certain date.
Manual removal:
Navigate to the key: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
and delete the value: "load" = "%Windir%\win32exec.exe"
| win32exec.exe | Malware |
| win32exec.exe | Dangerous |
| win32exec.exe | High Risk |
It is a worm that may be able to propagate through file-share networks.
It is produced by a constructor kit and can inject itself into other processes.
Performs some of the following actions:
- Inject entries into either the Notepad or Microsoft Internet Explorer processes.
- Download and execute a file, it if detects a webcam.
- Notify an attacker of its existence through a Web portal at the domain icq.com.
- Delete the original file that was executed.
- Be configured to only execute on a certain date.
Manual removal:
Navigate to the key: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
and delete the value: "load" = "%Windir%\win32exec.exe"
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.