Bitdefender finds trojan in Bitdefender file

Discussion in 'other anti-virus software' started by Iangh, Sep 3, 2005.

Thread Status:
Not open for further replies.
  1. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    849
    Location:
    Melbourne, Australia
    I've just ran a scan with Bitdefender 8 Free and got this

    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Infected Trojan.Downloader.Vbs.Small.S
    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Disinfection failed
    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Moved

    I deleted it and re-scan to find it is still there.

    I'm surprised it is showing up in a Bitdefender file.

    Should I be concerned? Should I do anything else?

    Ian
     
  2. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    Run an online scanner such as F-Secure. http://support.f-secure.com/enu/home/ols.shtml
     
  3. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
  4. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    849
    Location:
    Melbourne, Australia
    Firecat

    I thought about using Jotti but I can't see emalware.cvd, I can see emalware.ivd and emalware.xmd.

    Bitdefender is finding a file I cannot see?

    Hammer

    F-secure doesn't get rid of trojans according to site. Should I still bother to use it?

    Ran Escan yesterday and it didn't find anything using KAV signatures.

    Thanks
    Ian
     
  5. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    If KAV signatures didn't find it, F-Secure will most probably not find it either. Try contacting BitDefender support.
     
  6. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    Panda does. http://www.pandasoftware.com/products/activescan/com/activescan_principal.htm
     
  7. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    849
    Location:
    Melbourne, Australia
    I just ran the quarantine file through jotti and all clear.

    I'll email Bitdefender and see what they say.

    Thanks
    Ian
     
  8. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    849
    Location:
    Melbourne, Australia
    Live support at BD tell me it is a false-positive.

    You can't help but be impressed by companies that offer live support.

    Ian
     
  9. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,306
    BD gave me the same message this AM. I remembered this thread from yesterday, and figured it was a false positive. I am glad the BD team is aware of it. I guess they will take care of it in an update.

    Thanks for the info.
    Jerry
     
  10. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,306
    I just completed a scan with BD and came up clean. Maybe the BD team fixed it with the latest updates.
    I hope so.
    Jerry
     
  11. Tom772

    Tom772 Guest

    hi guys, i get the same problem, yesterday BD couln't clean the file, so it moved it to the 'infected' file folder in program files. Today there was a large update that seems to have sorted the probelm!! All very strange, Imagine a AV trying to clean itself!!:) T
     
  12. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    I heavily suspected the problem to be a case of FPs, because of the fact that KAV signatures did not find anything, and jotti too came up negative.

    And yes, BD's support impressed me very very much. :)
     
  13. Kielty

    Kielty Registered Member

    Joined:
    May 3, 2005
    Posts:
    140
    Location:
    The Emerald Isle
    Same problem here. BD support was excellent. They advised a mistake at their end in the update file. Told not to worry all is ok...

    Very impressed with the support.
     
  14. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    This is the first time i see AV picks its OWN files as malware. Funny indeed :D
     
  15. Tweakie

    Tweakie Registered Member

    Joined:
    Feb 28, 2004
    Posts:
    90
    Location:
    E.U.
    It happened a long time ago with a rebadged version of Viguard (In-Defense). The funny thing is that it happened during a test performed (and published) by the Virus Bulletin.

    http://www.virusbtn.com/issues/virusbulletin/backissues/1998/199811.pdf
     
  16. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    849
    Location:
    Melbourne, Australia
    What I didn't post in my initial post is that a few weeks earlier BD found a trojan in Ewido uninstall.

    After an update it wasn't there.

    Strange.

    Ian
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.