# [SOLVED] malewarebytes found 2 backdoor.bot



## tierra (Nov 6, 2007)

HI,

Malewarebytes just found 2 backdoor.bot files.

I clicked remove - do you think it's taken care of?

I'm going to run an online scan with Eset or something similar.

I have a lot of security on my computer (done the suggestions on your site and others) and try to be very careful about my web surfing; however, this is the second problem in a month. I don't even know how this go here as run Malewarebytes daily and nothing yesterday.

Malwarebytes Anti-Malware 1.65.0.1400
Malwarebytes : Free anti-malware download

Database version: v2012.09.21.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
93 :: 93-PC [administrator]

21-Sep-12 7:18:21 AM
mbam-log-2012-09-21 (07-18-21).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 329621
Time elapsed: 26 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\HELP\PLAYER\FLASHPLA.EXE (Backdoor.Bot) -> Data: 3 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\HP\Digital Imaging\help\player\FlashPla.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

(end)

When I rebooted I got the messages in the attachments


----------



## tierra (Nov 6, 2007)

*Re: malewarebytes found 2 backdoor.bot*

I re-ran Malwarebytes and it didn't find it and this time placed my usb flash drives in as looks like it can affect them and I had backed up my files this morning before running Malewarebytes.

Do you think my flash drives are really clean and also the computer now?


----------



## koala (Mar 27, 2005)

*Re: malewarebytes found 2 backdoor.bot*

To see if your flash drives are clean, scan them with Malwarebytes.

If you think your hard drive might still be infected, please follow these instructions and start a new thread in the Virus/Trojan/Spyware Help forum with all the requested logs.


----------



## tierra (Nov 6, 2007)

*Re: malewarebytes found 2 backdoor.bot*

I just ran the flash drives in malewarebytes and a full on the whole computer again and now it says it's clean. 

I'm running Norton now, will run spybot then either Eset online or Norman online (as heard Norman is catching this when others aren't).

I'll post again if any of them find anything.

I hate to ask for help again to clean my computer as just had a mess with babylon. 

I really try hard to be safe and use safe sites and have done all the things requested and more (being careful not to have conflicting programs). I run full scans daily on Malwarebytes and Norton and spybot.

I'm not that computer literate; however, do read up occasionally on security stuff to try to stay clean.

Would they help since I just had a problem with babylon - I really try hard to keep a clean computer and had for a long time and this month 2 attacks.

Is there something going on right now to make things more risky?


----------



## tierra (Nov 6, 2007)

*Re: malewarebytes found 2 backdoor.bot*

Also, should I delete the quarantined items in Malewarebytes. What do I do with them?


----------



## tierra (Nov 6, 2007)

*Re: malewarebytes found 2 backdoor.bot*

re-scaned with malwarebytes for computer and flash drives and clean.

Same with Norton, Spybot, ESET and Norman malware cleaner - no one is finding anything. 

So is it safe to think my computer is ok?

Do I delete the quarantined objects in Malwarebytes?

Thanks you.


----------



## koala (Mar 27, 2005)

*Re: malewarebytes found 2 backdoor.bot*

It's probably ok, but if you'd like our analysts to confirm, see the links in my last reply.

The quarantined objects can be deleted, if Malwarebytes hasn't already automatically removed them.


----------



## tierra (Nov 6, 2007)

*Re: malewarebytes found 2 backdoor.bot*

Thanks - I'll post. 

Also I keep getting messages about solution center - is this related? It started this morning.


----------



## koala (Mar 27, 2005)

*Re: malewarebytes found 2 backdoor.bot*

It might be related. It depends on what the messages say.

Do you have any HP hardware, possibly a printer or scanner? Use the Windows Installer CleanUp Utility to remove Solution Center from the list to prevent it trying to update every time you switch on.


----------



## tierra (Nov 6, 2007)

*Re: malewarebytes found 2 backdoor.bot*

Yes, I do have a HP printer/scanner, old but what I use. I'll check out the solution.

Thank you.


----------



## tierra (Nov 6, 2007)

*Re: malewarebytes found 2 backdoor.bot*

also getting error messages now on TFC. So I've posted but before the problems with TFC.


----------



## tetonbob (Jan 10, 2005)

*Re: malewarebytes found 2 backdoor.bot*

I suspect those may have been false positives.

There's no need to delete items from quarantine as they have been rendered inert and pose no threat to a computer at that time. And, in the case of possible false positives, if you delete them they cannot be restored.


----------



## tierra (Nov 6, 2007)

*Re: malewarebytes found 2 backdoor.bot*

Thank you. I'll wait and see if they are false positives.


----------



## tierra (Nov 6, 2007)

*Re: malewarebytes found 2 backdoor.bot*

I never got a response back and even "Bump, please".

So does that mean it's clean or they didn't do it as second attack in a month? 

Seems to me in the past if no infection they would get back to you and tell you.

What can I do to make sure as some programs have been weird since this attack?

Thank you.


----------



## tetonbob (Jan 10, 2005)

*Re: malewarebytes found 2 backdoor.bot*

Those were false positives. You can visit the Malwarebytes False Positives forum and see several reports about this. 

Example:
Flash Player FP - Malwarebytes Forum

You can restore those items, update and rescan, and they should no longer be detected.


----------



## tierra (Nov 6, 2007)

*Re: malewarebytes found 2 backdoor.bot*

Thank you!

I restored and re-ran (2nd run today) and it found nothing.


----------



## tetonbob (Jan 10, 2005)

:thumb:


----------

