Is this important to keep or can I delete it

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Can I delete C:\\windows/syscfg16.exe from my computer?I had a virus..it is
quarentined and i need to delete it but am afraid that this might be
important because it is in my c drive.Any help would be greatly appreciated.3
de
 
syscfg16.exe is added by the WISDOOR.K TROJAN!. Get rid of it!

[[Troj/Wisdoor-K is a backdoor Trojan which allows a remote intruder to
access and control the computer via IRC channels.

When first run Troj/Wisdoor-K copies itself to the Windows folder as
syscfg16.exe and creates the following registry entries, so that
syscfg16.exe is run automatically on startup:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Windows System Configuration = "<Windows folder>\SYSCFG16.EXE"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Windows DLL Loader = "<Windows folder>\SYSCFG16.EXE"

Each time the Trojan is run it tries to connect to a remote IRC server on
port 6667 using a random nickname and join a specific channel. The Trojan
then listens on the channel for instructions specified by a remote
intruder. ]]

Troj/Wisdoor-K
http://www.sophos.com/virusinfo/analyses/trojwisdoork.html

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In
 
Okay..since I have already gotten it into quarentine on norton and it
asks"are you sure that you want to delete"..I can say yes..I just want to
make sure that I will not hurt my computer/i mean if there is something else
in that file besides a trojan?So...I can delete it and computer will still
run...i will not crash it?i am sorry to re ask..but I don't want to ruin my c
drive....does that make any sense????Thank you
debra

Wesley Vogel said:
syscfg16.exe is added by the WISDOOR.K TROJAN!. Get rid of it!

[[Troj/Wisdoor-K is a backdoor Trojan which allows a remote intruder to
access and control the computer via IRC channels.

When first run Troj/Wisdoor-K copies itself to the Windows folder as
syscfg16.exe and creates the following registry entries, so that
syscfg16.exe is run automatically on startup:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Windows System Configuration = "<Windows folder>\SYSCFG16.EXE"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Windows DLL Loader = "<Windows folder>\SYSCFG16.EXE"

Each time the Trojan is run it tries to connect to a remote IRC server on
port 6667 using a random nickname and join a specific channel. The Trojan
then listens on the channel for instructions specified by a remote
intruder. ]]

Troj/Wisdoor-K
http://www.sophos.com/virusinfo/analyses/trojwisdoork.html

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In
sheapuppychow said:
Can I delete C:\\windows/syscfg16.exe from my computer?I had a
virus..it is quarentined and i need to delete it but am afraid that
this might be important because it is in my c drive.Any help would be
greatly appreciated.3 de
Click to expand...
Click to expand...
 
okay..i did it........i went for it...should i restart my computer and run
norton(since the warning for trojan shows up only at restart?thanks
debra

Wesley Vogel said:
syscfg16.exe is added by the WISDOOR.K TROJAN!. Get rid of it!

[[Troj/Wisdoor-K is a backdoor Trojan which allows a remote intruder to
access and control the computer via IRC channels.

When first run Troj/Wisdoor-K copies itself to the Windows folder as
syscfg16.exe and creates the following registry entries, so that
syscfg16.exe is run automatically on startup:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Windows System Configuration = "<Windows folder>\SYSCFG16.EXE"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
Windows DLL Loader = "<Windows folder>\SYSCFG16.EXE"

Each time the Trojan is run it tries to connect to a remote IRC server on
port 6667 using a random nickname and join a specific channel. The Trojan
then listens on the channel for instructions specified by a remote
intruder. ]]

Troj/Wisdoor-K
http://www.sophos.com/virusinfo/analyses/trojwisdoork.html

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In
sheapuppychow said:
Can I delete C:\\windows/syscfg16.exe from my computer?I had a
virus..it is quarentined and i need to delete it but am afraid that
this might be important because it is in my c drive.Any help would be
greatly appreciated.3 de
Click to expand...
Click to expand...
 
okay i hope its gone..i do not want to mess with the task manager(i am not
computer literate...for that stuff...i did what symantec told me to do...but
when i restarted my computer i pressed f8 and i did not see anything that
said "safe mode" and when I went to recheck the system restore it was
already done..so i hope i will be okay.I have zone alarm and spysweeper and
love them...so hopefully if they are gone..they will stay gone.
thanks
debra
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

cant's delete file(Vcodec) 1
I have the backdoor.haxdoor.c virus 1
Excel How do I delete images in a specific range 1
Can't delete file 3
Trojans and viruses and worms Oh My! 2
mcaffee32.exe 1
bloodhound virus 2
Are photos gone or on computer somewhere??? 7

Back
Top