windns32.exe - Dangerous

windns32.exe

Manual removal instructions:

Antivirus Report of windns32.exe:
windns32.exe Malware
windns32.exeDangerous
windns32.exeHigh Risk
windns32.exe
W32.Gaobot.WX is a worm that attempts to spread through network shares that have weak passwords.
It allows attackers to access an infected computer through IRC.

Also Known As: WORM_AGOBOT.WN, Backdoor.Agobot.li, W32/Gaobot.worm.gen.g

Copies itself as %System%\Windns32.exe.
Adds the value: "WinDNS" = "windns32.exe"
to the registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Connects to an IRC server and listens for commands.
Allows an attacker to control an infected computer:
- Download and execute files
- Steal system information
- Steal CD keys for various video games
- Take screenshots
- Terminate processes
- Run a SOCKS server on a compromised system

Uses a list of user names and passwords.
Ends many processes that are associated with the antivirus and firewall software.
Attempts to delete the files and registry values associated with other worms.

Use RegRun Startup Optimizer to remove it from startup.

Remove windns32.exe now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.