Backdoor.sdbot

T

Ted

Hi,

I've got a virus called backdoor.sdbot attached to my
system32.exe. Everytime I start up windows, it tells me
that the system32.exe is missing. However, I know for a
fact that the system32.exe is being quarantined by Norton
Antivirus. Norton cannot repair the file. How do I get
a new system32.exe?
 
D

Doug Knox MS-MVP

System32.exe is not a valid Windows file. See www.dougknox.com, Win XP Fixes, Clean KWBot Worm Entries.

You can also clean this entry manually by going to Start, Run and entering MSCONFIG Go to the Startup tab and uncheck any entry that references the System32.exe file.

Additionally, you can click Start, Run and enter REGEDIT Go to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Look in the right pane for any entry that references the System32.exe file and delete it. Also look in:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Locate the Shell value in the right pane. It should read "explorer.exe", without the quotes. If it reads anything else, double click this entry and change it to read explorer.exe
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

system32.exe infected 6
virus safe mode backdoor.sdbot 1
Need Help with Hijackthis File 2
PROBLEM!!! 3
Backdoor.SDBot.Gen virus - suggestions please 1
TROJAN HORSE VIRUS INFECTED .EXE FILE 2
System32.exe error message 1
Disable Command Prompt Command 6

Top