SUBOT dll infected with virus

Hi

I ran Symantec AnitVirus on one computer and it found a virus in SUBOT.dll under winnt\system32. Error message "Access denied" when attempting to quarantine the file.

Is there a service that uses this DLL ?. If yes, please let me know the service name so I could stop it for Symantec to perform the Cleanup Action.

OR

Can I just delete the 2 files found under winnt\system32 - SUBOT.dll and SUBOT.ini

Please advise

Thank you
nmahmoAsked:
Who is Participating?
 
SheharyaarSaahilConnect With a Mentor Commented:
Hello nmahmo =)

U can manually delete these two files, these are not system files !!!
and if u get any access denied error while trying to delete it, then take the permission of these files,,,,,,,

HOW TO: Take Ownership of a File or Folder in Windows XP:
http://support.microsoft.com/?kbid=308421

HOW TO: Set, View, Change, or Remove File and Folder Permissions in Windows XP
http://support.microsoft.com/default.aspx?scid=kb;en-us;308418

After deleting,,,, run Stinger in Safemode to make sure it comes as Clean :)
Stinger >> http://vil.nai.com/vil/stinger

!! GOOD LUCK !!
0
 
nmahmoAuthor Commented:
Ok, before deleting it,  I want to mention that this is a Windows NT server.
are you positive this is not a system file?

thanks,
0
 
SheharyaarSaahilCommented:
:)

Yes im sure that its not a System file, coz in the last five years, im hearing abt this file for the First time,,,, and moreover i cud find only one Record abt this file even on Google,,, and this site also termed it with a trojan >> http://vil.nai.com/vil/content/v_125081.htm

But still if u doubt me and this site,,, u can just delete this file to recycle bin,,,, restart and make sure that everything is working as fine as before,,,, once u make sure u can empty the recycle bin :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.