execfg4.exe - Dangerous

execfg4.exe

Manual removal instructions:

Antivirus Report of execfg4.exe:
execfg4.exe Malware
execfg4.exeDangerous
execfg4.exeHigh Risk
execfg4.exe
W32/Forlorn-D is a peer-to-peer (P2P) worm that spreads through the KaZaA and Morpheus network sharing utilities.
When first executed the worm copies itself as EXECFG4.EXE in the Windows folder and sets the following registry entry to the path of this copy so the worm will be executed when the Windows is restarted:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\execfg4

The worm queries the following registry entries searching for a folder that is shared across the KaZaA and Morpheus networks:
HKLM\Software\Kazaa\LocalContent
HKLM\Software\Morpheus\LocalContent
HKCU\Software\Kazaa\LocalContent
HKCU\Software\Morpheus\LocalContent
If a value is not found then the folder C:\\SysConfig is used.

Seventy three copies of the worm are created in this folder with the different filenames, such as:
[DiVX] Harry Potter And The Sorcerors Stone Full Downloader.exe
Age of empires 2 crack.exe
Borland Delphi 6 Key Generator.exe
Britney spears nude.exe
DivX codec v6.0.exe
GTA3 crack.exe
Microsoft Windows XP crack pack.exe
Windows XP serial generator.exe
Winrar + crack.exe
ZoneAlarm Firewall Full Downloader.exe

Use RegRun Startup Opimizer for removal.

Remove execfg4.exe now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.