Bitdefender finds trojan in Bitdefender file


Iangh
September 3rd, 2005, 11:20 PM
I've just run a scan with Bitdefender 8 Free and got this:

C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Infected Trojan.Downloader.Vbs.Small.S
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Disinfection failed
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Moved

I deleted it and re-scanned to find it is still there.

I'm surprised it is showing up in a Bitdefender file.

Should I be concerned? Should I do anything else?

Ian

The Hammer
September 3rd, 2005, 11:29 PM
{QUOTE-> I've just run a scan with Bitdefender 8 Free and got this:

C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Infected Trojan.Downloader.Vbs.Small.S
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Disinfection failed
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Moved

I deleted it and re-scanned to find it is still there.

I'm surprised it is showing up in a Bitdefender file.

Should I be concerned? Should I do anything else?

Ian <-QUOTE}

Run an online scanner such as F-Secure. http://support.f-secure.com/enu/home/ols.shtml

Firecat
September 3rd, 2005, 11:31 PM
See if you can upload the file to Jotti's Malware Scanner (http://virusscan.jotti.org)

Iangh
September 3rd, 2005, 11:38 PM
Firecat

I thought about using Jotti but I can't see emalware.cvd, I can see emalware.ivd and emalware.xmd.

Bitdefender is finding a file I cannot see?

Hammer

F-Secure doesn't get rid of trojans according to the site. Should I still bother to use it?

Ran Escan yesterday and it didn't find anything using KAV signatures.

Thanks
Ian

Firecat
September 3rd, 2005, 11:46 PM
If KAV signatures didn't find it, F-Secure will most probably not find it either. Try contacting BitDefender support.

The Hammer
September 3rd, 2005, 11:48 PM
{QUOTE-> Firecat

I thought about using Jotti but I can't see emalware.cvd, I can see emalware.ivd and emalware.xmd.

Bitdefender is finding a file I cannot see?

Hammer

F-Secure doesn't get rid of trojans according to the site. Should I still bother to use it?

Ran Escan yesterday and it didn't find anything using KAV signatures.

Thanks
Ian <-QUOTE}

Panda does. http://www.pandasoftware.com/products/activescan/com/activescan_principal.htm

Iangh
September 3rd, 2005, 11:49 PM
I just ran the quarantine file through Jotti and all clear.

I'll email Bitdefender and see what they say.

Thanks
Ian

Iangh
September 4th, 2005, 12:09 AM
Live support at BD tell me it is a false-positive.

You can't help but be impressed by companies that offer live support.

Ian

JerryM
September 4th, 2005, 09:48 AM
BD gave me the same message this AM. I remembered this thread from yesterday, and figured it was a false positive. I am glad the BD team is aware of it. I guess they will take care of it in an update.

Thanks for the info.
Jerry

JerryM
September 4th, 2005, 06:23 PM
I just completed a scan with BD and came up clean. Maybe the BD team fixed it with the latest updates.
I hope so.
Jerry

Tom772
September 4th, 2005, 08:16 PM
{QUOTE-> I just completed a scan with BD and came up clean. Maybe the BD team fixed it with the latest updates.
I hope so.
Jerry <-QUOTE}

Hi guys, I get the same problem. Yesterday BD couldn't clean the file, so it moved it to the 'infected' file folder in program files. Today there was a large update that seems to have sorted the problem!! All very strange. Imagine an AV trying to clean itself!! :) T

Firecat
September 5th, 2005, 01:22 AM
I heavily suspected the problem to be a case of FPs, because of the fact that KAV signatures did not find anything, and Jotti too came up negative.

And yes, BD's support impressed me very very much. :)

Kielty
September 11th, 2005, 05:12 PM
Same problem here. BD support was excellent. They advised a mistake at their end in the update file. Told not to worry, all is OK...

Very impressed with the support.

RejZoR
September 11th, 2005, 05:51 PM
This is the first time I've seen an AV pick its OWN files as malware. Funny indeed ;D

Tweakie
September 11th, 2005, 06:29 PM
{QUOTE-> This is the first time I've seen an AV pick its OWN files as malware. Funny indeed ;D <-QUOTE}

It happened a long time ago with a rebadged version of Viguard (In-Defense). The funny thing is that it happened during a test performed (and published) by the Virus Bulletin.

http://www.virusbtn.com/issues/virusbulletin/backissues/1998/199811.pdf

Iangh
September 12th, 2005, 04:53 AM
What I didn't post in my initial post is that a few weeks earlier BD found a trojan in Ewido uninstall.

After an update it wasn't there.

Strange.

Ian