Jump to content

False positive (Backdoor Bot)

bmullin

By bmullin
in File Detections

 Share

Recommended Posts

bmullin

bmullin

Posted
Posted

My screenblanker pops up when the keyboard had been idle for 10 minutes. Not every time, but occasionally I see a Backdoor Bot alert which prevents the screenblanker from executing. Clicking on "ignore" starts up the screenblanker but unfortunately does not save a log file. Additionally, the ignore is not permanent since the program name is not posted in Ignore Tab screen. No log file was saved, if one had been I would have included it here. I've tried to manually insert the filename in the ignore file but have not gotten this to work. FWIW, I also scanned the offending file with both MWB and McAfee, but both said there were no problems.

I've changed the name of the file from ClockCal.scr to ClockCal.txt and hopefully I've attached it to this message correctly. Note that for testing purposes, you can also change the name to ClockCal.exe rather than having to execute the program through the screensaver process.

I realize that I could simply delete the program, but this is a very functional screensaver and the only one I've used since the Win95 days.

Thanks, Bill

ClockCal.txt

Link to post
Share on other sites
bmullin

bmullin

Posted
  • Author
Posted
Please update MBAM and do a quick scan , post the log .

I am unable to replicate this with your supplied file .

For me, the problem only occurs once or twice a day, and only when the screen blanker is brought up by the OS rather than manually. Change the extension of the attachment from TXT to SCR, install it as your screen blanker, then set blanking time to 5 minutes or less. Sooner or later MWB should give you the "Backdoor Bot" message.

Thanks, Bill

----------------------------------------

Malwarebytes' Anti-Malware 1.41

Database version: 3040

Windows 6.0.6002 Service Pack 2

10/27/2009 7:41:22 am

mbam-log-2009-10-27 (07-41-22).txt

Scan type: Quick Scan

Objects scanned: 101207

Time elapsed: 4 minute(s), 16 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.