Full Version of this article can be found
here
Sysconf32.exe
Sysconf32.exe
What is it?
Sysconf32.exe is a file associated with the w32.Noomy.A@mm mass mailing worm
What does it do?
When W32.Noomy.A@mm is executed, it performs the following actions:
Copies itself as %Windir%Sysconf32.exe.
Adds the value:
"Windows HTML files "="%Windir%Sysconf32.exe"
to the registry key:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun
so that the worm runs when you start Windows.
Copies itself to %System%SystemBck as the following file names:
XboxIso2RomConverter.exe
Ageofempires2crack.exe
AgeOfMythologyISO.exe
BattlenetkeygeneratorWORKS.exe
BritneyspearsNude.scr
Burnout2CarRacing.exe
Cablemodemuncapper.exe
CloneCDcrack.exe
CloneCDallversionskeygenerator.exe
Copyprotectionremover.exe
Crazytaxicrack.exe
CuteFTPPro30.exe
DivXcodecv6.0.exe
DivXnewestversion.exe
DivXpatch-Increasesquality.exe
DivXprokeygenerator.exe
Doom3Beta.exe
DragonballZCOMPLETEepisodeguide.exe
DragonballZepisode1.exe
DragonballZshootout.exe
GamecubeEmulatorWORKS.exe
FIFA2004crack.exe
GrandPrix4crack.exe
Grandtheftauto3CD1crack.exe
GTA3crack.exe
Hackintoanycomputer.exe
Half-lifeONLINEkeygenerator.exe
Half-lifeWONkeygenerator.exe
J-LONudeREAL.scr
JediKnight2crack.exe
KaZaAhack.exe
NBA2004crack.exe
AquaNox2crack.exe
UT2003bloodpatch.exe
Unreal2bloodpatch.exe
Battlefield1942bloodpatch.exe
AVPCrackNEW.exe
zoneallarmprocrack2004.exe
counterstrikerkeygen2004.exe
warcraft3keygen.exe
adness2.exe
N0RT0NANTIVIRUS2004.exe
Neverwinternightscrack.exe
Nokiasimlockremoverincludesnewmodels.exe
Nortonantivirus2002.exe
Rayman2Full.exe
ResidentEvilDivX.exe
Starwarsepisode2downloader.exe
TotalImmersionRacingISO.exe
Warcraft3battlenetserialgenerator.exe
Warcraft3ONLINEkeygenerator.exe
WinAPs2.exe
WindowsXPkeygenerator.exe
WindowsXPserialgenerator.exe
WindowsXPSP1key-Crack.exe
Winrarandcrack.exe
Winzip80serial.exe
WorkingIsoBurner.exe
XBOXemulatorWORKS.exe
Xboxinfo.exe
AnaKurnikovaVirualGirl2004.scr
Battlefield1942Bloodpatch.exe
AngelinaRealScreenSaver.scr
CounterStrikeHLDSv1.1.0.9.exe
DVDCoppierv1.5.7byCrash2004.exe
FunnyBush2004movieSeptember.scr
DVDRipperv1.3.2byCrash2004.exe
iWormMymoonremovetool2.5.exe
EvidenceEraserbyCrash2004.exe
McAffeeUtilitiesv3.11FinalbyR2P2K.exe
McAffeeUtilitiesv3.11byR2P2K.exe
NeroBurningROMv5.5.8.2Keygen.exe
NeroBurningROMv5.5.8.2Serial.exe
NeroBurningROMv5.5.8.2byCooKie.exe
SpyAgentRemoteControl1.05.exe
SpyCamv6.32.exe
SpyTechSpyAgentPersonalv3.00.00byAmoK.exe
StarCraftBroodWarv1.09byFR.exe
UnrealTournament2bloodpatch.exe
UnrealTournament2004Bloodpatch.exe
Windows2004Keygen.exe
WindowsXPKeyGen.exe
YahooPasswordHacker2004BF.exe
ZoneAlarmProv3.0.2.6byOrion.exe
Generalscrack.exe
Mirc7.0Crack.exe
NapsterClone.exe
PlayGamesOnlineForFREE.exe
Ps2Emulator.exe
Ps2Iso2RomConverter.exe
ShakiraDancing.scr
SoldierOfFortune2MutiplayerSerialHack.exe
SystemMonitor.exe
TheSimsGameCrack.exe
UniversalGameCrack.exe
Warcraft3Battle.netCrack.exe
XboxEmulator.exe
1001nesroms.exe
windowsxpkeygen.exe
deadaim4.0.exe
deadaim4.0serial.exe
counterstrikemaphack.exe
counterstrikeaim_bot.exe
AliciaSilverstonePayboyNude.scr
Bingo.exe
BritneySpearsDanceBeat.scr
DDosClient2005.exe
EmailBomber447.exe
FileServer.exe
FlashGolf.exe
FreeMpegsLists.pif
FreePicsList.pif
FreePornLists.pif
HoesForYouSolitare.exe
J.LoBikiniScreensaver.scr
JennaJamisonDildoHumping.scr
KamaSutraTetris.exe
KazaaClone.exe
KaZaAmediadesktopv2.0UNOFFICIAL.exe
KaZaAspywareremover.exe
KeygeneratorforallwindowsXPversions.exe
Keygeneratorforoverreally.exe
More info and Removal instructions
@symantec