Jump to content

Bakdoor.bot in sysprep.exe


Recommended Posts

I've just updated my MBAM (free version) in my win XP sp3 when at the quick scan during euristic-extra scan I've found the backdoor.bot in sysprep.exe located in system32 folder.

I've quarantined the file but I'm wondering if it could be a false positive and the file should be therefore restored (I've known that sysprep.exe is a legitimate file of the system).

Thanks in advance for any suggestions.

Link to post
Share on other sites

Some additional info to help you in finding a solution to my problem:

1) a full scan before the quarantine confirmed the infection in sysprep.exe

2) if I'm not wrong the file sysprep.exe seems to have been added to my system with a recent installation of Visual c++ libraries

3) Superantispyware did not find anything; my Kaspersky internet security (my realtime protection) did not find anything either

4) with an on-line scan with VirusTotal 30 out of 31 products did not find anything; only the last one, webwasher guard (?) found something "suspicious"

Keep waiting for your suggestions

Cheers

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.