Jump to content

MBAM borked legit folders due to the heuristics


SpySentinel

Recommended Posts

http://forums.maddoktor2.com/index.php?showtopic=19389

Folders Infected:

C:\_ (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\File32 (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\File64 (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\Help (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\L10N (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\MBD (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\PFW (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\Profile (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\TASK (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\TMAS (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\TMAS\auhome (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\TMAS\cache (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\TMAS\cache64 (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\TMAS\common (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\TMAS\OE (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\TMAS\OE64 (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\TMAS\OL (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\TMAS\rule (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Module\Tutorial (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Pattern (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\Pattern\AspmData (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\System32 (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\System32\drivers (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\System32\drivers\im (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\System64 (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\System64\drivers (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\_\System64\drivers\im (Backdoor.Bot) -> Quarantined and deleted successfully.

User complains of this:

since the last shut down my computer is having a looping error of windows explorer error and then it must restart it just continually does this it won't let me use a restore point or really do anything. Any suggestions?
Link to post
Share on other sites

DDA and DOR are not the same driver .

DDA is in the scanner , DOR works on reboot and then exist , it is not running when the system is on the desktop .

If that startup entry is there it indicates a skipped required reboot , it is deleted when DOR run .

Link to post
Share on other sites

DDA and DOR are not the same driver .

DDA is in the scanner , DOR works on reboot and then exist , it is not running when the system is on the desktop .

If that startup entry is there it indicates a skipped required reboot , it is deleted when DOR run .

Thanks.

Lack of sleep = typing wrong acronym.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.