What is Drwtsn32.exe?
Drwtsn32.exe is a legitimate process file popularly known as DrWatson Postmortem Debugger. It is associated with Windows Operating System, developed by Microsoft Corporation. It is located in C:\Windows\System32 by default. Malware programmers create files with virus scripts and name them after Drwtsn32.exe with an intention to spread virus on the internet.
Affected Platform: Windows OS
How to check if your computer is infected with Drwtsn32.exe malware?
Keep an eye for the following symptoms to see if your PC is infected with Drwtsn32.exe malware:
- Internet connection fluctuates
- Drwtsn32.exe takes too much CPU space
- PC slows down significantly
- Browser automatically redirects to some irrelevant websites
- Unsolicited ads and popups starts appearing
- Screen freezes constantly
Take the following steps to diagnose your PC for possible Drwtsn32.exe malware attack:
Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.
Step 2: If you notice the file located outside C:\Windows\System32, then you should run an antivirus scan to get rid of the malware.
How to remove Drwtsn32.exe malware from system using Comodo Free Antivirus?
Step 1: Download the award-winning Comodo Free Antivirus.
Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.
Step 3: After network detection is complete, press “Close” button for a scan window.
Step 4: Restart your PC.
Step 5: It will take some time for the Comodo Internet Security to update the antivirus.
Step 6: Proceed with a quick scan that automatically begins after the update.
Step 7: If threats are found during the scanning, you will be prompted with an alert screen.
Step 8: Comodo Antivirus will remove Drwtsn32.exe malware from your computer including all other malwares!
| No. | Company | File Type | SHA1 | MD5 | Malware Name |
Digitally Signed |
File Version |
Product Version |
Submitted From |
Malware Behavior |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Corporation | Executable | 1e7cacdfef57625c 750529a30d78bb2b f4f438b2 |
e19fa6de2001dfea 57f7d114f3b3daa7 |
Virus.Win32. Virut.CE |
No | 5.1.2600.0 (XPClient. 010817-114 8) |
5.1.2600.0 |  Iran, Islamic Republic of |
N/A |
| 2 | N/A | Executable | e9553650f147c40f 77ffce7f07611774 ed8d0352 |
205c6cd8611f72e5 532d1242f9fa9a18 |
Backdoor.Win 32.Poison.as |
No | N/A | N/A |  Russian Federation |
N/A |
| 3 | Microsoft Corporation | Executable | cbaa6d31116ec9cd 1c7ccadac678ba19 19795678 |
233fcc2b9ee4a6c1 e9bdea5f21488532 |
Virus.Win32. Sality.gen |
No | 5.1.2600.0 (XPClient. 010817-114 8) |
5.1.2600.0 |  102.46.202.70/32 |
N/A |
| 4 | N/A | Executable | 0835b0047c295345 288db5dba886026b b713b11d |
dce137a731cfe5a8 126626e7242f0138 |
Backdoor.Win 32.Poison.as |
No | N/A | N/A |  Canada |
N/A |
Egypt
Turkey
Indonesia
India
Ukraine
Syrian Arab Republic
Pakistan
South Africa
Bulgaria
Romania
Brazil
Algeria
Czech Republic
Argentina
Italy
United Kingdom| No. | Company | File Type | SHA1 | MD5 | Digitally Signed |
File Version |
Product Version |
Submitted From |
|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Corporation | Executable | 591691611bf9bcc7 ec6a355dcce6a30d caba97ca |
f7337c4bfa86c22e ad1995dbcf3e912a |
No | 4.00 | 4.00 |  United States |
| 2 | Microsoft Corporation | Executable | 6a45d2cd449b4327 c5dd7e7547431e19 f7709541 |
230a282ffa83810c 1972492371064d60 |
No | 4.00 | 4.00 | United States |
| 3 | ReactOS Development Team | Executable | c35d1510dc972bdf 1188eb475aab1e9d 90bd40b9 |
b3eabf7ce85a2ea7 8ade3b1496956bfb |
No | 0.4.13 | 0.4.13 | 10.224.25.40/32 |
| 4 | N/A | Executable | 6065f66c8e3b5266 81f915b996f81f71 8fb2819b |
407076579aac92c5 14f7ae56a309eb9a |
No | N/A | N/A | Internal Submission |
- 4 items per page
- 8 items per page
- 16 items per page
- 32 items per page
