Exterminate It! Antimalware


Known threats:699,742 Last Update:November 20, 22:46


Running an update right before activating seemed to do the trick. Many thanks. (Also, once I had it properly activated, Exterminate It! got rid of the SpySnipe trojan I’d been battling with for a week, so the news is even better!)

Gary M.

File: config.cfg

Location of config.cfg and Associated Malware

Check whether config.cfg is present in the following locations:

Windows 2000, Windows XP, Windows Server 2003 specific config.cfg file locations:

  • C:\Documents And Settings\USER_NAME\Application Data\config.cfg
  • C:\Documents And Settings\USER_NAME\Application Data\SpeedRunner\config.cfg

Windows Vista, Windows Server 2008, Windows 7, Windows 8 specific config.cfg file locations:

  • C:\Users\USER_NAME\AppData\Roaming\config.cfg
  • C:\Users\USER_NAME\AppData\Roaming\SpeedRunner\config.cfg

If you find config.cfg file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The config.cfg file is associated with malware only if found in the locations listed above.


Different Variations of config.cfg File^

File SizeFile Md5Last Seen
3184745ED3E05C5AA740F13E22DF91398BD07BMay 26, 2010
163141990E382F3CE67188C61D2DCAD4C529B6Jun 10, 2010
15979376A981630CCF63E2AD10575F4478B9E7Jul 11, 2010
20938011D426351C4E9CA061E5C8CAC7261E56Aug 30, 2010
66968B74317BA0229FC3007C3AACC28C05C95Oct 16, 2010
68577784202E4A96FCBC15538F6A4493A90DCJan 13, 2011
63620C81E63750601B3D3072B01E6129A962AMar 26, 2011
63357B0D40B248186EED20C28C6036FB5C9BDAug 5, 2011
2275993DD138E6E1FD22BBDE4A60985283F06AJul 9, 2013
186312C28B96CB8B2B8C9041A5BBB2FDEF3E57Aug 28, 2013
2770B66FFE5F1498AC5F3D26058DC73CACNov 2, 2015
27259F418C1185F6AC58F3AF9EAA8DF99783Apr 10, 2017

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove config.cfg^

  1. To enable deleting the config.cfg file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select config.cfg and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of config.cfg and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of config.cfg and Associated Malware.
  6. Notes:

    • The deletion of config.cfg will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of config.cfg will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a config.cfg malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type config.cfg. The name of the first found registry value referencing config.cfg is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to config.cfg, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of config.cfg and Associated Malware.