Jump to content


Photo

Trojan.Backdoor.Small.FB.Backdoor


  • Please log in to reply
7 replies to this topic

#1 LATRANS

LATRANS

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 18 February 2006 - 07:01 AM

Anybody out there know what this does? Detected and deleted (I think) by Microsoft Antispy on 2-8-06 as "Trojan.Backdoor.Small.FB.Backdoor", it was a 28 kb .tmp file amongst 172 other .tmp files (all 28 kb) w/ an identical last modified date (1-5-05 1056 est), in the TEMP folder. If it has really been on my computer for a year, then pccillin and spysweep have been missing it for that long. False positive or something new? No visible symptoms...

Latrans

#2 guysmilie

guysmilie

    Member

  • New Member
  • Pip
  • 1 posts

Posted 12 March 2006 - 01:28 AM

I detected the exact same problem on my computer. Do you ever play online poker, especially at PartyPoker.com? I do and found that after removing this "Trojan.Backdoor.Small.FB" it reappears as soon as I start the Party Poker software. I am afraid that someone may have tried to spy on my computer while I was playing poker to see my cards and cheat me. I guess the other possibility is that a .tmp file created by the Party Poker software is mistakenly detected as this virus.

Would you please try the following and post the results here:

1. Run Microsoft Antispy and detect and remove this "Trojan.Backdoor...." to be sure it is gone.

2. Run Microsoft Antispy again to ensure that it is really gone.

3. Start the Poker software and close it.

4. Run Microsoft Antispy and see if it has reappeared.

I also emailed support@partypoker.com about this on two occasions. Usually they always respond to my emails quickly but they refuse to reply to my emails about why this is happening, and if it is something they are aware of. I really hope you will post your results.


Anybody out there know what this does? Detected and deleted (I think) by Microsoft Antispy on 2-8-06 as "Trojan.Backdoor.Small.FB.Backdoor", it was a 28 kb .tmp file amongst 172 other .tmp files (all 28 kb) w/ an identical last modified date (1-5-05 1056 est), in the TEMP folder. If it has really been on my computer for a year, then pccillin and spysweep have been missing it for that long. False positive or something new? No visible symptoms...

Latrans



#3 maui2219

maui2219

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 18 March 2006 - 02:15 AM

I detected the exact same problem on my computer. Do you ever play online poker, especially at PartyPoker.com? I do and found that after removing this "Trojan.Backdoor.Small.FB" it reappears as soon as I start the Party Poker software. I am afraid that someone may have tried to spy on my computer while I was playing poker to see my cards and cheat me. I guess the other possibility is that a .tmp file created by the Party Poker software is mistakenly detected as this virus.

Would you please try the following and post the results here:

1. Run Microsoft Antispy and detect and remove this "Trojan.Backdoor...." to be sure it is gone.

2. Run Microsoft Antispy again to ensure that it is really gone.

3. Start the Poker software and close it.

4. Run Microsoft Antispy and see if it has reappeared.

I also emailed support@partypoker.com about this on two occasions. Usually they always respond to my emails quickly but they refuse to reply to my emails about why this is happening, and if it is something they are aware of. I really hope you will post your results.



Anybody out there know what this does? Detected and deleted (I think) by Microsoft Antispy on 2-8-06 as "Trojan.Backdoor.Small.FB.Backdoor", it was a 28 kb .tmp file amongst 172 other .tmp files (all 28 kb) w/ an identical last modified date (1-5-05 1056 est), in the TEMP folder. If it has really been on my computer for a year, then pccillin and spysweep have been missing it for that long. False positive or something new? No visible symptoms...

Latrans



#4 maui2219

maui2219

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 18 March 2006 - 02:19 AM

I get the same thing. It always happens when I use party poker.com. I hvnt found any way to keep it off my pc and cant find a way to stop it except to not use party poker any more. Microsoft anti-spyware seems to be the only thing that can find it. I havnt noticed any problems that it causes either. I have party poker on another pc and found the same trojan, deleted it and it never came back. Im not sure why. If anyone has any info abt this trojan I'd appreciate it. Thnks

Edited by maui2219, 18 March 2006 - 02:40 AM.


#5 f451

f451

    Member

  • New Member
  • Pip
  • 1 posts

Posted 18 March 2006 - 03:22 AM

Me too, (Party et al)

I believe this is a false positive as nothing else detects it.
Trojan Hunter; Ewido;SpybotS&D;A2; Uploading the file to jonti gets a clean bill of health.
I think it is an obsolete file as it does not reappear
It is a good idea to keep your temp folders cleaned out and I use CCleaner for this.


Good Luck

Edited by f451, 18 March 2006 - 03:24 AM.


#6 Pokerpoker

Pokerpoker

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 26 March 2006 - 09:46 PM

I have also detected Trojan.Backdoor.Small.FB Backdoor a few times and I also play at Party Poker. I've sent an e-mail to them so we'll see if we get a reply...

#7 Pokerpoker

Pokerpoker

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 27 March 2006 - 11:44 AM

Looks like a standard Fob me off from Party...

Thank you for contacting us.

We would like to assure you that we do not have any kind of Trojan horses or Viruses installed in our software. Our site is the largest in the online poker community therefore, the installation of any software or infliction of any viruses of this sort on our site would be completely unacceptable.

Our systems operate high levels of security making it highly impossible for a virus to pass through our servers. Regular scans using the most up to date anti-virus software coupled with the installation of robust firewalls ensure our web and game servers are secure and on stable platforms.

I understand your concern, however, I must stress that our principle aim has always been to provide a safe and fair gaming environment. On this we will not compromise.

Further in this regard, you can also check your system for viruses online with the help of Symantec website.
Open the link http://www.sarc.com/ and scroll down to find Check for security risks.
Click on the link and follow the instructions to run a virus scan on your computer for any virus threat.

I hope that I have been able to reassure you that it is safe to download and play at our site without the fear of any risk to your computer system.

For more information regarding security at our site please check the following URL:

http://www.partypoke...t_us/index.html


Thank you for choosing us as your online gaming site!

Vikrant
PartyPoker Customer Care
------------------------------------------------------
PartyPoker, WPC Productions Limited, 711 Europort, Gibraltar

--Original Message--
From:
Date: 2006-03-26 22:36
To: info@partypoker.com
Subject:

Microsoft Anti-spyware has detected a Trojan horse called Trojan.Backdoor.Small.FB on my pc in the following location: c:\documents and settings\NTH\Local Settings\Temp\34.tmp

This has appeared on a number of occasions when playing on Party Poker. I'm very concerned that somehow my cards are being read. Can you advise what this is? There have been other reports of this issue when playing on Party Poker.

I have quarantined the file and can send it to you should you wish.

Regards,

#8 Celestiaetterra

Celestiaetterra

    Member

  • New Member
  • Pip
  • 1 posts

Posted 27 March 2006 - 04:59 PM

It is absolutely Party Poker.

Remove trojan.
Reboot.
Run Antispy > nothing will show.
Run Party Poker.
Run Antispy again > Will appear again.

EOM

Looks like a standard Fob me off from Party...

Thank you for contacting us.

We would like to assure you that we do not have any kind of Trojan horses or Viruses installed in our software. Our site is the largest in the online poker community therefore, the installation of any software or infliction of any viruses of this sort on our site would be completely unacceptable.

Our systems operate high levels of security making it highly impossible for a virus to pass through our servers. Regular scans using the most up to date anti-virus software coupled with the installation of robust firewalls ensure our web and game servers are secure and on stable platforms.

I understand your concern, however, I must stress that our principle aim has always been to provide a safe and fair gaming environment. On this we will not compromise.

Further in this regard, you can also check your system for viruses online with the help of Symantec website.
Open the link http://www.sarc.com/ and scroll down to find Check for security risks.
Click on the link and follow the instructions to run a virus scan on your computer for any virus threat.

I hope that I have been able to reassure you that it is safe to download and play at our site without the fear of any risk to your computer system.

For more information regarding security at our site please check the following URL:

http://www.partypoke...t_us/index.html


Thank you for choosing us as your online gaming site!

Vikrant
PartyPoker Customer Care
------------------------------------------------------
PartyPoker, WPC Productions Limited, 711 Europort, Gibraltar

--Original Message--
From:
Date: 2006-03-26 22:36
To: info@partypoker.com
Subject:

Microsoft Anti-spyware has detected a Trojan horse called Trojan.Backdoor.Small.FB on my pc in the following location: c:\documents and settings\NTH\Local Settings\Temp\34.tmp

This has appeared on a number of occasions when playing on Party Poker. I'm very concerned that somehow my cards are being read. Can you advise what this is? There have been other reports of this issue when playing on Party Poker.

I have quarantined the file and can send it to you should you wish.

Regards,






Member of UNITE
Support SpywareInfo Forum - click the button