sysconfig32.exe - Dangerous
sysconfig32.exe
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
Sysconfig32.exe is Trojan/Backdoor.
Kill the process sysconfig32.exe and remove sysconfig32.exe from Windows startup.
Malware: jebac.exe
Removed:
C:\Documents and Settings\Administrator\Application Data\crssn.exe
C:\Documents and Settings\Administrator\Application Data\sysconfig32.exe
Detected by UnHackMe:
Item Name: sysconfig32
Author: Microsoft Corporation
Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\SYSCONFIG32.EXE
Type: Registry Run
Item Name: WindowsServiceUpdate
Author: Microsoft Corporation
Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\CRSSN.EXE
Type: Registry Run
Item Name: crssn.exe
Author:
Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\CRSSN.EXE
Type: Running Processes
Removal Results: Success
Number of reboot: 1
Classification:Antivirus Version Last Update Result
F-Secure 9.0.15370.0 2010.04.07 Trojan.Generic.3567322
Kaspersky 7.0.0.125 2010.04.07 Trojan.Win32.Scar.bzgh
Microsoft 1.5605 2010.04.07 -
NOD32 5006 2010.04.07 a variant of Win32/Injector.BFI
Additional information
File size: 148480 bytes
MD5 : 70e06827b499ccc94c4aefc443e20729
SHA1 : dd66942f680c8dde6b3958936e98bbce7c04591b
SHA256: 296559c0f3cd7a53503469c63afba6af15f4e5998dc5cde4f1cb02d4d7f68461
http://greatis.com/blog/how-to-remove-ma...