English | Deutsch


How to remove the msconf virus


Most antivirus programs identify msconf.exe as malware, for example Kaspersky identifies it as Backdoor.Win32.SdBot.hcn or Backdoor.Win32.SdBot.hdm, and TrendMicro identifies it as WORM_SDBOT.LE or BKDR_SDBOT.GOY.
The free file information forum can help you find out how to remove it. If you know more about this file, please leave a comment or a hint for other users.

Click to Run a Free Virus Scan for the msconf.exe malware


Msconf.exe file information

The process known as sTemp appears to belong to software Humba or MSI by Slayer.

Description: msconf.exe is located in the folder C:\Windows\System32. Known file sizes on Windows 7/XP are 1,301,504 bytes (12% of all occurrences), 1,311,744 bytes and 6 more variants. http://www.file.net/process/msconf.exe.html 
There is no information about the author of the file. The program is not visible. The file is located in the Windows folder, but it is not a Windows core file. Msconf.exe is not a Windows system file. The software listens for or sends data on open ports to a LAN or the Internet. The process starts when Windows starts (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run). Msconf.exe is able to hide itself, monitor applications and record inputs. Therefore the technical security rating is 98% dangerous.

Recommended: Identify msconf.exe related errors

If msconf.exe is located in C:\, the security rating is 70% dangerous. The file size is 24,576 bytes. There is no description of the program. The program has no visible window. The program is loaded during the Windows boot process (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run). It is not a Windows core file. The application uses ports to connect to a LAN or the Internet.

External information from Paul Collins:
There are different files with the same name:

  • "Microsoft Config" definitely not required. Added by the RBOT.PV WORM!
  • "Microsoft Config" definitely not required. Added by the RBOT-LG WORM!

Important: You should check the msconf.exe process on your PC to see if it is a threat. We recommend Security Task Manager for verifying your computer's security. This was one of the Top Download Picks of The Washington Post and PC World.



Score

User Comments


One user thinks msconf.exe is dangerous and recommend removing it.


Do you have additional information? Help other users!
What do you know about msconf.exe: 
How do you rate it: 
Link for more info's: 
Your Name: 


Msconf scanner


Security Task Manager shows all running Windows tasks including embedded hidden functions (e.g. keyboard or browser monitoring, autostart entry). A unique security risk rating indicates the likelihood of the process being potential spyware, malware, keylogger or a Trojan.

Malwarebytes Anti-Malware detects and removes sleeping spyware, adware, trojans, keyloggers, malware and tracking threats from your hard disk. Ideal supplement to Security Task Manager.

SpeedUpMyPC scans, cleans, repairs and optimizes your computer.


Other processes


msconf.exe [all]