Tom's Guide | Tom's Hardware | Tom's Games

Computing.Net > Forums > Security and Virus > New Skype Virus wndrivs32.exe

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

New Skype Virus wndrivs32.exe

Reply to Message Icon

Name: michaelspire
Date: September 9, 2007 at 20:25:57 Pacific
OS: XP
CPU/Ram: Pentium Duo 2gb
Comment:

I should know better, but I was IM'd via Skype by a friend suggesting I check out an .scr link

Then it cleverly says 'oops, i meant to send this to someone else, please don't look at this'

Or something to that effect. Well, I stupidly did, and fell for it.

Now, it promptly locks up your Skype, (probably sends the message to all your contacts) .. and also locks out msconfig and regedit, and even some websites / anti-virus software.

However, I did manage to isolate the running process as wndrivs32.exe - and when I kill the process, I can access regedit and msconfig for about 60 seconds before it reboots itself.

I did a google search on wndrivs32.exe and it is so new, that it is returning 0 results.

Hopefully this will help some people!

Right now I am using regedit to

"delete
SkypeStart from your registry in:

HKLocalMachine/Software/Microsoft/Windows/CurrentVersion/Run
HKCurrentUser/Software/Microsoft/Windows/CurrentVersion/Run"


Michael
www.MichaelSpire.com



Sponsored Link
Ads by Google

Response Number 1
Name: Surikas
Date: September 10, 2007 at 05:18:23 Pacific
Reply:

You may try system restore.

or you may:
1.) start > run >cmd
than type and press enter in the black screen
taskkill /f /im skype.exe
taskkill /f /im wndrivs32.exe
taskkill /f /im mshtmldat32.exe

after stopping processes, try to locate the file specified and also check registry.

type regedit and press enter
than go with your mouse in the regedit window to my computer
than select edit
than select finde
then enter

"mshtmldat32.exe" when you have found this than select it and delete it
than press f3 fro search continue
it will find it at one point with the explorer. in one line select in this cas only the mshtmldat32.exe

repide this steps for
wndrivs32.exe
mshtmldat32.exe
mshtmldat32.exe

for your own savety
go to start
than search
than select search for all files and folder
and searche for
wndrivs32.exe
mshtmldat32.exe
mshtmldat32.exe
WNDRIVS32.EXE-2F91B010.pf

you will need also your host file
c:\windows\system32\drivers\etc \hosts
open itwit the notepad and remove all and than enter this
127.0.0.1 localhost #localhost
than save it

if found delete it
than you will be clean


0
Reply to Message Icon

Related Posts

See More



Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Security and Virus Forum Home


Sponsored links
Ads by Google


Results for: New Skype Virus wndrivs32.exe
New Win32 virus - please help! www.computing.net/answers/security/new-win32-virus-please-help/19833.html

New Win32 Virus www.computing.net/answers/security/new-win32-virus/22108.html

New Win32 Virus www.computing.net/answers/security/new-win32-virus/23657.html