Jump to content

Recommended Posts

Here's another possible FP that popped up around 10 minutes ago for my MBAM. I was browsing imgur and gfycat prior, closed Chrome, and upon reopening I got this Backdoor.Bot warning.

 

I have blocked out the bookmark for my University's website for obvious anti-tracking reasons :) You don't know when someone will crawl the internet for my information!

 

http://i.imgur.com/GoAwj2a.png

 

Detection, 06/01/2015 17:13:45, SYSTEM, MATT-PC, Protection, Malware Protection, File, Backdoor.Bot, C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe, Quarantine

I've removed the ID because I'm unsure as to whether you should post that, but I'll happy give it to any staff who request it.

Link to post
Share on other sites

Hello, can anyone from the MBAM confirm if nacl64.exe is indeed a false positive?  A google search of the hashtag brought back no results, thanks.

 

 Detection, 1/6/2015 12:11:39 PM, File, Backdoor.Bot, C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe, Quarantine, [cb64dd17cabfda5c3e2cde276c9650b0]

Link to post
Share on other sites

I saw this backdoor.bot alert pop up on Chrome.exe about an hour ago. Had to delete Chrome and reinstall just so I could browse the web again. Then about 20 minutes later during a rescan I saw this backdoor.bot alert pop up on the nacl64.exe file. Thankfully I found this thread via Google. I just noticed the databases were updated so I'm running a 3rd scan just to make sure

Link to post
Share on other sites

Rich has already indicated a fix has been pushed.
 
Please reference: Please read before reporting a false positive
 
Post #2

If you are not a member of Staff or Experts group please do not reply to other users posts in either the File or Web Blocking forums.

 
Thank you for understanding.

Link to post
Share on other sites

  • 2 weeks later...

this is a false positive. please update database in a few mins and it should no longer be detected.

 

I just had this happen today for first time and my portable version of Chrome has not changed in a long time.  Still a false positive?  Backdoor.bot in Chrome Portable nacl64.exe

Link to post
Share on other sites

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/19/2015
Scan Time: 4:54:04 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.19.14
Rootkit Database: v2015.01.14.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
 

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 380954
Time Elapsed: 1 min, 50 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Backdoor.Bot, F:\Google Chrome Portable\GoogleChromePortable\App\Chrome-bin\39.0.2171.71\nacl64.exe, Quarantined, [d5758f6a573262d47b33b65754ae33cd],

Physical Sectors: 0
(No malicious items detected)

(end)

Link to post
Share on other sites

Luddy:
 
What I wrote in Post #6 is for you as well.  If you have an issue, please start your own thread.

Please reference: Please read before reporting a false positive
 
Post #2

If you are not a member of Staff or Experts group please do not reply to other users posts in either the File or Web Blocking forums.

 
Thank you for understanding.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.