32.exe Worm
Posted by admin on 25 Oct 2007 at 11:23 am | Tagged as: registry, registry cleaner, trojan, malware, internet explorer, windows
Not to be mistaken for a critical System 32 file, the 32.exe file is actually a worm which has become notorious for its widespread infection via email. The file preys on our instinct not to touch important looking files, and it also comes with a generator function that will place a random set of characters before the 32.exe. This is to dissuade people from searching the file by name and finding a fix for the problem.
It is deemed low risk and it doesn’t severely compromise the integrity of a system, but it has the capacity to spread rapidly due to its email formula.
It’s worth noting that the actual virus doesn’t come from an email attachment. It is spread by forcing people to click on innocuous looking links in email bodies. The virus then downloads on to the computer directly.
It becomes ingrained in the Windows Registry and this enables the worm to ensure that it is run every time the user restarts Windows. For that reason alone, it can be very difficult to delete without prior knowledge of what you’re looking for.
The 32.exe virus is officially referred to as a Win32.Bofra.E. It copies itself to the System directory but you will need to look closely to find it as there’s no easy way of telling what the prefix to the file will be.
The best way to avoid a 32.exe infection is to ensure that you have a sufficient anti-Virus protection suite in place. The idea of the virus is that while some protection apps may scan attachments for corrupt files, very few of them are capable of checking links in the email itself – until they’ve been clicked, of course. And at that time, it’s too late for many.
You should ensure that you have protection against phishing, which is known to have been contrived through the use of certain32.exe files. It’s also important to block out spyware and malware since these are both damaging not just in the sense that they clog your system, but they open the door for more harmful viruses too.
You will need to run a comprehensive scan of your hard drive to search out the 32.exe virus. It can be located quicker by simply scanning the System directory. But it’s a good habit to use scanning software on the entire hard drive. Pair this with a registry cleaner and you’ll be able to weed out the corrupted files.
Please note that it is necessary to use a registry cleaner, even if the disk-cleanup seems to do the trick at first.
The nature of the Win32.Bofra.E is that it is designed to re-spawn when you boot from scratch. If you don’t remove the registry entries that trigger the virus in to life, you will be simply removing it temporarily until the next start up.
You will only contract the virus if you are using Microsoft Internet Explorer when you open the email link. This is because the worm capitalizes on a security loophole whereby it’s possible to plant malicious content in an IFrame. The same technique isn’t such an issue if you’re using Mozilla Firefox or one of many independent browsers.
Get a Free Online Diagnostic Scan with RegCure PC Optimizer (Download 2 Mins)
