samx.exe - Dangerous
%sysdir%\samx.exe
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
Trojan horse program that spreads via network shares.
1. Copies itself as %System%\samx.exe.
2. Adds to registry Run keys.
3. Creates a service named "FireWire Driver," which points to:
"%System%\samx.exe" -netsvcs
Programs allows attcker to execute any commands on the target computer.
Removal:
Use RegRun Start Control to stop theservice and change it to disabled state.
Remove the file.
Remove from startup.