Today I attempted to start a game that I have had for a couple of years. A message popped up stating that I had a backdoor trojan…BKDR-SPYBOTER.E. I was asked if I wanted to delete the file as it was corrupt. It even stated that it had to reboot as it was unable to completely remove the problematic code. After thinking about this, I am thinking that this was a false positive. Of course, I opted to delete the offensive file and my game no longer will start. Any insight?
Hi flowerchild55, welcome to the forum
There is always de possibillety of a False Positive.
What we recommend with a suspected False Positive is to upload the file to www.virustotal.com to see if it is flagged ( or not ) by other av’s as well. That could give an indication if it is realy a False Positive. ( You can also post the VirusTotal scan here and ask us for an opinion ).
If you are sure it is a False Positive you can drag and drop the file in BOCleans Excluder so it won’t be scannned anymore.
In case of a suspected False Positive we also ask to follow this procedure :
but she’s already deleted the suspected file ???
That is what I understand, but we can’t repair that 88)
Thanks for the assistance. Next time I’ll not panic and investigate before deleting files.
Indeed In case of a program you have used for such a long time, you shouldn’t panic and investigate it first
Another option is to keep copy of trojan as evidence which is configurable in BOC’s settings. Then if you need to restore the file, all you need to do is rename it to original file name and put it back where it was removed from. This worked for me in the past when BOC removed a file from CyberSitter. I simply put it back and all was well again.
Me stupid :-[
Yes, the copy will be saved as “evidence.boc” in the BOC427 map.
Thank you planet