sysinit.exe - Dangerous
%sysdir%\sysinit.exe
Manual removal instructions:
Antivirus Report of %sysdir%\sysinit.exe:
%sysdir%\sysinit.exe
Worm W32.Beagle.AX@mm
Spreads through file-sharing networks and by e-mail.
1. Adds to Windows startup.
"Syskey" = "%System%\sysinit.exe"
2. Creates the following files:
%System%\sysinit.exe
%System%\sysinit.exeopen
%System%\sysinit.exeopenopen
%System%\sysinit.exeopenopenopen
%System%\sysinit.exeopenopenopenopen
3. Kills antiviruses.
4. Opens a backdoor on TCP port 2002.
5. Sends an HTTP GET request via TCP port 80 to the domain webnomey.net, where it attempts to contact a .php script.
6. Attempts to download a file from the domain sash.cc and save it as 1.exe. This file is then executed.
Remove it from startup using RegRun Startup Optimizer.
%sysdir%\sysinit.exe | Malware |
%sysdir%\sysinit.exe | Dangerous |
%sysdir%\sysinit.exe | High Risk |
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antiviruses did not fix: detecting rootkits.
Since that time I have worked every day to fix the issues that antiviruses cannot.
If your antivirus has not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.