STARTDRV.EXE - Dangerous

What you should do about STARTDRV.EXE:

Check Your PC Now
Your PC may be infected. The presence of a file called STARTDRV.EXE is a possible sign of infection.


You should urgently check your PC to make sure it is not infected. The free version of Prevx CSI will scan your PC in less than two minutes and check for millions of spyware and malware infections including STARTDRV.EXE. Don't take the risk, check your PC now by clicking the green button.

Download Prevx CSI Now

Who Uses Prevx CSI?

Prevx has been detecting the threats that others miss since 2004.

More than 2,061,632 people have scanned with Prevx CSI and between them have checked 29.7 billion files. 66% of the PCs scanned had malware present.

What we know about STARTDRV.EXE:

The filename STARTDRV.EXE was first seen on Sep 7 2007 in The UNITED STATES. It has also been seen in the following geographical regions of the Prevx community:

  • SPAIN on Sep 28 2007
  • THAILAND on May 6 2008
  • The EUROPEAN UNION on Mar 21 2008
  • INDIA on Oct 20 2007
The filename STARTDRV.EXE refers to many versions of an executable program.

The most common file size is 20,992 bytes. But the following file sizes have also been seen:

  • 777,777,777 bytes
  • 45,056 bytes
  • 19,968 bytes
  • 20,480 bytes
  • 21,504 bytes

The unsafe files using this name are associated with the malware group TROJAN.AGENT.GEN.Some files using the name STARTDRV.EXE are also associated with the malware groups:
  • TROJAN.PANDEX.B
  • Trojan.Gorhax
 These files have no vendor, product or version information specified in the file header.

STARTDRV.EXE has been seen to perform the following behavior(s):

  • The Process is packed and/or encrypted using a software packing process
  • Loads and Executes a System Driver File
  • Writes to another Process's Virtual Memory (Process Hijacking)
  • This Process Deletes Other Processes From Disk
  • Registers a Dynamic Link Library File
  • Executes a Process
  • This Process Creates Other Processes On Disk

STARTDRV.EXE has been the subject of the following behavior(s):

  • Executed as a Process
  • Deleted as a process from disk
  • Created as a process on disk
  • Terminated as a Process
  • Has code inserted into its Virtual Memory space by other programs

STARTDRV.EXE can also use the following file names:

  • 17421452.DAT
  • 47109076.DAT
  • 08337812.EXE
  • 89154119.EXE
  • 15246415.EXE