Root Kit And "backdoor.subsari.14.b" False Positives

I just ran a full scan and BitDefender came up with what seems like a lot of false positives.


It came up with about 150 of these as "Rootkit-Hidden Items". These are all backup folders (yes hidden) installed by Lenovo's (IBM) "Restore and Recover" backup system.


C:\RRbackups\Documents and Settings\Steve\Application Data\Microsoft\SystemCertificates\My\CTLs


This was identified as "Backdoor.Subsari.14.B", but it's a simple printer test that I wrote myself. It was a test applet written in Delphi to identify the default printer on a local system.


C:\Test\dPrinterTest\DPrinterTst.exe


I sent this in via the "Quarantine" section in BitDefender.


I'd be happy to provide you with more information should you need it.

Comments

  • rootkit ✭✭✭
    edited September 2008

    Put the file in a zip or rar archive with the password infected and attach the file here. ;)

  • Put the file in a zip or rar archive with the password infected and attach the file here. ;)


    Thanks, but they already took care of this. I sent it directly last week to BitDefender and it was fixed within hours. I'm impressed at their speed.