MikeVO

Everything posted by MikeVO

  1. I completed all the steps above. As would be expected, the quarantine log is now empty. However, the formerly-quarantined, false-positive file (icardagt.exe) has not been re-instated to the location from which it was quarantined. Do I just copy the icardagt.exe from the system32 folder into the location from which its namesake had been removed by MBAM? Thank you for your guidance.
  2. Unfortunately MBAM would not restore my quarantined file to its original location, either before or after a restart and update. Upon starting MBAM again, the same Backdoor.Bot appears in the quarantined file list. How do I proceed?
  3. Does this mean that I should "undelete"/reinstate the file?
  4. Scan Log File:

     Malwarebytes' Anti-Malware 1.50.1.1100
     www.malwarebytes.org

     Database version: 5900

     Windows 6.1.7600 (Safe Mode)
     Internet Explorer 8.0.7600.16385

     2/28/2011 3:54:31 PM
     mbam-log-2011-02-28 (15-54-31).txt

     Scan type: Full scan (C:\|D:\|)
     Objects scanned: 300256
     Time elapsed: 24 minute(s), 50 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 1

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     c:\Windows\winsxs\amd64_wcf-icardagt_exe_31bf3856ad364e35_6.1.7600.16385_none_8dcc9c6f8b58a5eb\icardagt.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
  5. Yesterday I ran MBAM in Safe Mode. It found only one file associated with Backdoor.Bot. It did not find any other infected traces in processes or in the registry. I instructed MBAM to remove/quarantine the file, which it did. For background, I had during the previous week run both MBAM and MS Security Essentials full scans after regular Windows 7 startup. No trace of Backdoor.Bot was reported by any prior scan. I also ran another MBAM scan in Safe Mode today. It found no malware. When I searched for some information on Backdoor.Bot, I read a thread on the Bleeping Computer forum. It suggested that any system infected by Backdoor.Bot was at extreme risk. It said that, short of reformatting and re-installing the whole system, the computer and my online activity would always be at risk. It suggested contacting banks and taking other identity theft precautions. So far I have changed my system's passwords while I was offline, but I have not taken other actions. 2 Questions: Did I catch the Backdoor.Bot early enough (as ONE file being infected and removed) so that I am not at dire risk? Is Bleeping Computer a reputable forum? Thank you.