Configuration.exe

Last Updated on Saturday, 14 July 2012 21:14 Tuesday, 29 June 2010 18:02

Trojan - Win32 Comame

The file name Configuration.exe is found in legitimate programs as well as computer virus programs that affect computers running on Microsoft windows operating systems.

A suspicious configuration.exe is found in this virus analysis report.

It creates a malicious look alike of lsass.exe which is (LSA shell) in Microsoft windows operating system .
The default location of this file is C:\windows\system32\lsass.exe

Found files and folders - 

Files
C:\Windows\CIDD_P\557365724E616D65\br.dll
C:\Windows\CIDD_P\557365724E616D65\clm.dll
C:\Windows\CIDD_P\557365724E616D65\nam.dll
C:\Windows\CIDD_P\557365724E616D65\nfie.dll
C:\Windows\CIDD_P\lsass.exe
C:\Windows\configuration\configuration.exe

Folders
C:\Windows\CIDD_P
C:\Windows\CIDD_P\557365724E616D65
C:\Windows\configuration

Necessary steps to remove this virus program

  • To remove processes created by the virus program from the Task Manager.
  • To search and delete files created by the virus program from the hard disk. Enable to view "hidden files and folders" before you search. Otherwise files created by the virus program inside the hidden folders will not be found.
  • To remove obsolete registry keys using CCleaner.

 

Detailed instructions and free Tools.

Preventive steps to avoid virus programs.

 

Reprinted with permission from Threatexpert.com

Disclaimer

 Vocabulary of the technical terms used in this article.

< Prev

Main Menu

Home
----Sections----
Harmful Files
Virus Removal
Trojan Removal
Worms Removal
Rogues Removal
Unwanted Apps
Removal Tools
Current News
----Articles----
Warning/ Disclaimer
Common Folders
Preventive Measures
Removal Instructions
Video Tutorials
----Site Info----
Sitemap
About/Contact
Privacy Policy
Search this site
FAQ

Subscribe to me on YouTube