?
Solved

Is SYSCFG32.exe a valid Windows 2000 File ?

Posted on 2003-02-21
5
Medium Priority
?
124 Views
Last Modified: 2010-04-13
InoculateIT is telling me I have a Backdoor/SDBot.05.A.Server trojan within the syscfg32.exe file contained within teh C:\winnt\system32 Folder.     Can I delete it ??  I cannot repair it, Trojan Remover doesnt even detect it..

Any thoughts ???
0
Comment
Question by:wtolmie
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
5 Comments
 
LVL 44

Expert Comment

by:CrazyOne
ID: 7996293
F-Secure Virus Descriptions
http://www.f-secure.com/v-descs/lolol.shtml

While installing the worm copies itself to Windows system directory with the "syscfg32.exe" name and registers that file in two system registry auto-run keys:


 HKLM\Software\Microsoft\Windows\CurrentVersion\Run
   Configuration Loader = syscfg32.exe


 HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
   Configuration Loader = syscfg32.exe

0
 
LVL 44

Accepted Solution

by:
CrazyOne earned 400 total points
ID: 7996308
Delete the entries the Configuration Loader = syscfg32.exe in the registry and then delete the file.
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 7996312
You may have to reboot after removing the entries from the registry before you can delete the file.
0
 

Author Comment

by:wtolmie
ID: 7996849
Thankyou Crazyone..  Always fast to respond..!!!!
0
 
LVL 44

Expert Comment

by:CrazyOne
ID: 7996996
You are welcome. :>)
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses
Course of the Month12 days, 8 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question