Win32.Kbot is a backdoor Trojan with many look-alike friends out there that are looking to invade systems. It is a Windows PE EXE file and its size is 12787 bytes. Once it has launched, it will copy its executable file to the Windows system directory: %System%\mssrv32.exe.
Then it will create a phony “Microsoft security update service”. Once this is clicked it will automatically launch the backdoor’s executable file each time Windows starts up. This is the registry key that is created. [HKLM\SYSTEM\CurrentControlSet\Services\msupdate]
Remove at once.
Clear your system of Win32.Kbot by using Task Manager to end all of the program’s processes. You will then have to delete the original backdoor file. Then delete the following system registry key: [HKLM\SYSTEM\CurrentControlSet\Services\msupdate]
For automatic removal, try ZookaWare PC Cleaner.