sysinfo.exe - Dangerous

sysinfo.exe

Manual removal instructions:

Antivirus Report of sysinfo.exe:
sysinfo.exe Malware
sysinfo.exeDangerous
sysinfo.exeHigh Risk
sysinfo.exe
W32.HLLW.Gaobot.FQ is a variant of W32.HLLW.Gaobot.BF.
It attempts to spread to network shares that have weak passwords and allows attackers to access an infected computer through an IRC channel.

Copies itself as %System%\Sysinfo.exe and %System%\Winhlpp32.exe.

Adds the value:
"Configuration Loader"="%System%\sysinfo.exe"
to the registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Performs Distributed Denial of Service (DDoS) attacks against targeted systems. The IP addresses of the targets are randomly calculated.
Steals the CD keys/Product ID, ends some processes associated with antivirus and firewall software, attemps to kill some processes associated with other worms.
Listens on randomly calculated ports, and waits for other computers to download the worm.

Remove it from startup by using RegRun Startup Optimizer.

Remove sysinfo.exe now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.