intcp32.exe - Dangerous

Antivirus Report of intcp32.exe:
intcp32.exe: Malware
intcp32.exe: Dangerous
intcp32.exe: High Risk
W32.Randex.UG is a worm that may be remotely controlled via IRC.
The worm includes Distributed Denial of Service (DDoS) capabilities and also tries to steal the CD keys of a number of games.
Also Known As: Backdoor.IRC.Bot.gen, Backdoor.IRC/SdBot, W32/Sdbot.worm.gen

Copies itself as %System%\intcp32.exe.
Calculates a random IP address.
Attempts to authenticate as an administrator to the calculated IP address. If this worm is successfully authenticated, it will copy itself as:
\\Admin$\intcp32.exe
\\Admin$\system32\intcp32.exe
\\C$\winnt\system32\intcp32.exe
\\C$\windows\system32\intcp32.exe

Remotely schedules a task to run the worm on a newly infected computer.
Connects to an IRC channel on a predetermined IRC server to receive remote instructions, such as:
Ntscan: Scans for computers with weak administrator passwords, and then copies itself to these machines.
Syn: Performs a SYN flood attack with a data size of 55808 bytes.
Sysinfo: Retrieves the infected machine's information, such as CPU speed and the amount of memory.

Manual removal:
Navigate to the keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
and delete the value: "Threaded"="intcp32.exe"
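
The check below is an added example, not part of the original page or of UnHackMe: a PowerShell function (hypothetical name Find-Intcp32Persistence) that looks for the "Threaded" value in the two keys above and for local copies of intcp32.exe, and deletes the value only when called with -Remove. Going beyond the page, it assumes the 32-bit WOW6432Node registry view and the SysWOW64 directory are also worth checking on 64-bit Windows.

```powershell
# Added example: audits the persistence points named on this page.
# Read-only by default; pass -Remove (optionally with -WhatIf) to delete the value.
function Find-Intcp32Persistence {
    [CmdletBinding(SupportsShouldProcess)]
    param([switch]$Remove)

    $valueName = 'Threaded'      # value name from the page
    $fileName  = 'intcp32.exe'   # file name from the page

    # The two keys from the page, plus their 32-bit views (assumption, not from the page).
    $keys = foreach ($root in 'HKLM:\SOFTWARE', 'HKLM:\SOFTWARE\WOW6432Node') {
        foreach ($leaf in 'Run', 'RunServices') {
            "$root\Microsoft\Windows\CurrentVersion\$leaf"
        }
    }

    foreach ($key in $keys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-ItemProperty -LiteralPath $key -Name $valueName -ErrorAction SilentlyContinue
        if ($null -eq $item) { continue }
        $data  = [string]$item.$valueName
        # Only act when the data really points at the worm's file name.
        $match = $data -like "*$fileName*"
        [pscustomobject]@{ Type = 'RegistryValue'; Location = $key; Data = $data; Match = $match }
        if ($Remove -and $match -and $PSCmdlet.ShouldProcess("$key\$valueName", 'Remove value')) {
            Remove-ItemProperty -LiteralPath $key -Name $valueName
        }
    }

    # Local copies: the Windows directory (what Admin$ shares), %System%,
    # and SysWOW64 (assumption for 64-bit Windows, not from the page).
    $dirs = @($env:SystemRoot,
              (Join-Path $env:SystemRoot 'System32'),
              (Join-Path $env:SystemRoot 'SysWOW64'))
    foreach ($dir in $dirs) {
        $path = Join-Path $dir $fileName
        if (Test-Path -LiteralPath $path -PathType Leaf) {
            $f = Get-Item -LiteralPath $path -Force
            $info = "$($f.Length) bytes, written $($f.LastWriteTimeUtc.ToString('u'))"
            [pscustomobject]@{ Type = 'File'; Location = $path; Data = $info; Match = $true }
        }
    }
}

Find-Intcp32Persistence | Format-Table -AutoSize
```

Run it from an elevated 64-bit PowerShell session; any file it reports is left in place for the analyst to collect or delete.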

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antiviruses did not fix: detecting rootkits.

Since that time I have worked every day to fix the issues that antiviruses cannot.

If your antivirus has not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly if you have any questions.
