Jump to content

Support.exe detected as Backdoor.VBBot.H


xx521xx

Recommended Posts

MBAM is detecting this file on my system as Backdoor.VBBot.H:

C:\WINDOWS\Expert\Apps\Support.exe

Is it a false positive? I think it's part of the help system for a game, Sonic 3 & Knuckles Collection. I uploaded the file to VirusTotal and it came back clean there (0/39 detections).

Here is my developer mode log. I've removed some unrelated detections from the log (CouponBar and Fake.Driver).

Malwarebytes' Anti-Malware 1.34

Database version: 1832

Windows 5.1.2600 Service Pack 3

3/10/2009 6:36:30 PM

mbam-log-2009-03-10 (18-36-28).txt

Scan type: Full Scan (C:\|)

Objects scanned: 112434

Time elapsed: 9 minute(s), 53 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 18

Registry Values Infected: 2

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

[unrelated detections]

Registry Values Infected:

[unrelated detections]

Registry Data Items Infected:

[unrelated detections]

Folders Infected:

(No malicious items detected)

Files Infected:

[unrelated detections]

C:\WINDOWS\Expert\Apps\Support.exe (Backdoor.VBBot.H) -> No action taken. [55385152424847304983807570688518]

Link to post
Share on other sites

2 dell files (RemoveEC.exe & DEMO.EXE) also detected as Backdoor.VBBot.H .

Malwarebytes' Anti-Malware 1.34Database version: 1832Windows 5.1.2600 Service Pack 3
10/03/2009 23:23:39mbam-log-2009-03-10 (23-23-36).txt
Scan type: Full Scan (C:\|)Objects scanned: 129206Time elapsed: 30 minute(s), 13 second(s)
Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 1Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 2
Memory Processes Infected:(No malicious items detected)
Memory Modules Infected:(No malicious items detected)
Registry Keys Infected:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WS2IFSL (Fake.Driver) -> No action taken. [385753513430414438586445483634456446343641424738615258525338466136868383707985368079858380775270856152708387746870846156521942395245]
Registry Values Infected:(No malicious items detected)
Registry Data Items Infected:(No malicious items detected)
Folders Infected:(No malicious items detected)
Files Infected:C:\dell\RemoveEC.exe (Backdoor.VBBot.H) -> No action taken. [55385152424847304983807570688518]C:\dell\Utilities\DSR\demo\DEMO.EXE (Backdoor.VBBot.H) -> No action taken. [55385152424847304983807570688518]
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.