Does anybody know anything about this file, "systemie.exe"? The CEO has it
on his home W2K PC in the WINNT\system32 directory. I do not find it on
any W2K machine here in our office, nor on any XP machines. What
Hi to the list.
Hi Jeff,
New to the list. I spent part of the day researching and cleaning out this
file and another today. It looks like a keystroke logger that sends
information to the web. If you need specifics on removing it, or if these
directions don't make sense to you, you can contact me off list.
But, I'd like one thing if you can get me a bit of information from it when
you remove it. I'd like to know which I.P. it's contacting from your
system. If you can do a netstat -a or run the free program TDIMON from
Sysinternals, and let me know what that I.P. is, I'd appreciate it.
As for removing it:
There is at least one entry for SYSIE.DLL in the registry that needs to be
removed.
There is at least one entry for SYSTEMIE.EXE in the registry that needs to
be removed. You should be able search for them and delete them.
That will stop it from reloading on reboot. Then, reboot and delete the
following files.
In the system32 folder, you can find and delete 4 files:
SYSIE.DLL
SYSTEMIE.DLL
SYSTEMIE.DAT
SYSTEMIE.EXE
--
Mark Bunner
Greywolf Computer Services -- http://www.greywolfcomputer.com
80 Liberty Av.
Weirton, WV 26062-2124
Phone: 304-797-0064
FAX: 815-461-2582
----------
Make payments with
<https://www.paypal.com/affil/pal=greywolf@xxxxxxxxxxxxxxxxxxxx>PayPal -
it's fast, free and secure!
----------
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.