syscpy.exe - Dangerous

syscpy.exe

Manual removal instructions:

Antivirus Report of syscpy.exe:
syscpy.exe Malware
syscpy.exeDangerous
syscpy.exeHigh Risk
syscpy.exe
Backdoor.Hogle is a proxy SMTP server that may be used as an anonymous spam relay.
It also listens on TCP port 3355 for incoming connections.

Copies itself as %System%\Syscpy.exe.
Adds the value:
"Syscpy"="%System%\syscpy.exe"
to the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Gets the IP address of the computer on which it is running, and then queries spamcop.net and www.abuse.net for this address.
If the address is found on a "spam blacklist," which one of these services maintains, the Trojan will exit.

Sends a message containing the current IP address to a certain Web site.
Opens a connection on TCP port 3355, waiting for incoming connections.
When a connection is made, the Trojan accepts incoming messages, and relays them to another SMTP server on port 25.

Manual removal:
Navigate to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and delete the value:
"Syscpy"="%System%\syscpy.exe"

Remove this worm by RegRun Startup Optimizer.

Remove syscpy.exe now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.