winmsrv32.exe - Dangerous

winmsrv32.exe

Manual removal instructions:

Antivirus Report of winmsrv32.exe:
winmsrv32.exe Malware
winmsrv32.exeDangerous
winmsrv32.exeHigh Risk
winmsrv32.exe
W32.Gaobot.AFJ is a worm that spreads through open network shares, backdoors that the Beagle and Mydoom worms install, and several Windows vulnerabilities.
The worm can also act as a backdoor server program and attack other systems.
Additionally, the worm attempts to stop the process of many antivirus and security programs.

Copies itself as one of the following:
%System%\msiwin84.exe
%System%\Microsoft.exe
%System%\WinMsrv32.exe
%System%\soundcontrl.exe
%System%\msawindows.exe

Adds one of these values:
"Microsoft Update"="msiwin84.exe"
"Microsoft Update"="Microsoft.exe"
"WinMsrv32"="WinMsrv32.exe"
"soundcontrl"="soundcontrl.exe"
"Microsoft Update"="msawindows.exe"
to the registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Copies itself and executes on any remote shares to which it successfully authenticates.

Use RegRun Startup Optimizer to automatically remove this worm.

Remove winmsrv32.exe now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.