Windows HTML file reader should not be running at startup. It is likely a virus, spyware, trojan, or some other sort of malicious program. Use a virus scanner, and/or spyware removal tool to remove it.
sysconf.exe is a process which is registered as W32/Agobot-FP Trojan. This Trojan allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data. This process is a security risk and should be removed from your system.
Damage Level : High
Distribution Level: High
Auto Removal Tool for Sysconf32.exe (Email Worm)
Kaspersky Tools:
Worm.Win32.VB
Bitdefender Tools:
Trojan.VB
Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names
- %Windir%\Sysconf32.exe
Note: if task manager is disabled, Download the following file,
Click to Download - Enable Registry.reg
Manually Remove From Registry
Click Start; Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor. Download and run this UnHookExec.inf, and then continue with the removal.
Navigate to the subkey:
Here, These are windows Startup Folders, Remove the entry of the file you untrust, Delete from Right Side only.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
In the right pane, delete any value that was detected during the scan.
%Windir%\Sysconf32.exe
Exit the Registry Editor.
Recommended Removal Tools:
Kaspersky Antivirus or Internet Security (Shareware)
Spyware Doctor (Shareware)
AVG Antivirus (Freeware)
Killbox (Freeware)
No comments :
Post a Comment
Comment on this Post!!