Welcome Guest (Log In | Create Account)
New Member? Join for free.
   This is a valid program but it is not required to run on startup.

This program is not required to start automatically as you can run it when you need to. It is advised that you disable this program so that it does not take up necessary resources. The following information is a brief description of what is known about this file. If you require further assistance for this file, feel free to ask about in the forums.

This file is a rootkit and may be hiding other files, processes, and registry entries on your computer.

It is strongly advised if you find this file on your computer that you create a virus removal assistance topic. Instructions on how to do this can be found here.

Name: <Random CLSID>
Filename: sygate.exe
Command: C:\Windows\System32\dllcache\sygate.exe s
Description:
Added by the W32.Focelto.A worm. W32.Focelto.A is a worm that spreads through Microsoft instant messaging clients and uses Rootkit techniques. It opens a back door on the compromised computer. This infection is bundled with the ntoskrnl.exe:kernel ADS rootkit.
File Location: C:\Windows\System32\dllcache\sygate.exe
Startup Type: This startup entry is started automatically via the following Windows Registry keys:

HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components

HKEY_CURRENT_USER\Software\Microsoft\Active Setup\Installed Components

Under that key will be a subkey that is the CLSID listed below. That subkey will contain a value called StubPath that points to the file being loaded.
CLSID: <Random CLSID>

  This entry has been requested 2,828 times.

Disclaimer
It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. BleepingComputer.com will not be held responsible if changes you make cause a system failure.

This is NOT a list of tasks/processes taken from Task Manager or the Close Program window (CTRL+ALT+DEL) but a list of startup applications, although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs that are currently running - not necessarily at startup. Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an "X" recommendation, please check whether it's in MSCONFIG or the registry first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+ALT+DEL. If in doubt, don't do anything.

Advertise   |   About Us   |   User Agreement   |   Privacy Policy   |   Contact Us   |   Sitemap   |   Chat   |   Tutorials   |   Uninstall List
Tech Support Forums   |   The Computer Glossary   |   RSS Feeds   |   Startups   |   The File Database   |   Virus Removal Guides   |   Downloads


Portions of this database © Paul Collins
© 2003-2013 All Rights Reserved Bleeping Computer LLC.