systemcfg.exe - Dangerous
systemcfg.exe
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
The Trojan may be able to spread using network shares using weak passwords if instructed so by the attacker.
When the Trojan infects a computer, it may send a notification message to the attacker containing the IP address of the infected computer.
It may attempt to terminate anti-virus and firewall related processes, in addition to other viruses, worms or Trojans.
Changes the text file named HOSTS which may contain a list of anti-virus and other security-related websites each bound to the IP loopback address of 127.0.0.1 which would effectively prevent access to these sites.
Can sniff HTTP, VULN, ICMP, FTP and IRC network traffic and steal data from them.
Can also be used to initiate denial-of-service (DoS) and distributed denial-of-service (DDoS) synflood / httpflood / fraggle / smurf etc attacks against remote systems.
This Trojan may steal the Windows Product ID and AOL Instant Messenger Product ID and keys from several computer applications or games.
Remove this worm by using RegRun Startup Optimizer.