Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


ndar32.exe appeared out of nowhere

  • This topic is locked This topic is locked
2 replies to this topic

#1 wefa9


  • Members
  • 8 posts
  • Local time:05:12 AM

Posted 18 November 2013 - 04:15 PM

Hello everyone,


So, last night after I woke my computer up from sleep, I noticed that my cursor was stuck in the loading animation, so I poked around an pinpointed the  problem to a process called "ndar32.exe" I ended the process tree and that solved the problem. However, this morning when I booted up my pc it happened again and after looking around I found ndar32 in my local temp files, so I deleted it. A few seconds after I deleted it, it popped back up again. 


This program just kind of appeared. From what I could tell, there was no trace of it before I put my pc to sleep. I did some internet research and could only find one post on avast's forums in which they told the guy to upload the file to virus total, metascan, and jotti. Here are the logs if you want to look at them: 






It seems that not many virus scanners have deemed it malicious. 
Any ideas?

BC AdBot (Login to Remove)


#2 wefa9

  • Topic Starter

  • Members
  • 8 posts
  • Local time:05:12 AM

Posted 18 November 2013 - 07:14 PM

I think I fixed the issue. Apparently it was being used by the explorer 32 process. After killing that, it stopped showing back up when I deleted it.

#3 nasdaq


  • Malware Response Team
  • 40,182 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:12 AM

Posted 23 November 2013 - 11:11 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users