Avatar of wtolmie
wtolmie
 asked on

Is SYSCFG32.exe a valid Windows 2000 File ?

InoculateIT is telling me I have a Backdoor/SDBot.05.A.Server trojan within the syscfg32.exe file contained within teh C:\winnt\system32 Folder.     Can I delete it ??  I cannot repair it, Trojan Remover doesnt even detect it..

Any thoughts ???
Windows 2000

Avatar of undefined
Last Comment
CrazyOne

8/22/2022 - Mon
CrazyOne

F-Secure Virus Descriptions
http://www.f-secure.com/v-descs/lolol.shtml

While installing the worm copies itself to Windows system directory with the "syscfg32.exe" name and registers that file in two system registry auto-run keys:


 HKLM\Software\Microsoft\Windows\CurrentVersion\Run
   Configuration Loader = syscfg32.exe


 HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
   Configuration Loader = syscfg32.exe

ASKER CERTIFIED SOLUTION
CrazyOne

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
CrazyOne

You may have to reboot after removing the entries from the registry before you can delete the file.
wtolmie

ASKER
Thankyou Crazyone..  Always fast to respond..!!!!
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
CrazyOne

You are welcome. :>)