BitDefender- outbound attempt from quarantine?

Discussion in 'other anti-virus software' started by acr1965, Aug 27, 2007.

Thread Status:
Not open for further replies.
  1. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    I installed BD 10 free edition and ran a scan. It identified one of my HP update files as malware and placed it in quarantine. I then shut down BD. Later I saw an alert pop up from Online Armor fw stating there was an outbound connection attempt. The file was marked as coming from BD quarantine and the IP address was to Hewlett-Packard. Has anyone else encountered a similar issue as this?
     
  2. kinwolf

    kinwolf Registered Member

    Joined:
    Oct 19, 2006
    Posts:
    271
    I had a problem with some HP utility file too some months ago. The file changed the home page of IE to point to HP support and was doing other stuff, like phoning home, that seems to be enough to be classified as riskware even if it's from HP.

    Now in your case, my guess is that since you shut down bitdefender, the quarantine area isn't really working anymore and the file is phoning home.

    Personally, after reporting it as a possible FP for months to BD, I ended up deleting that file. Too much trouble and it's not useful anyway.

    Kin
     
  3. Thug21

    Thug21 Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    141
    Location:
    Illinois
    I would think that even if you shut down the Bitdefender, the file would still stay quarantined. The files should be encrypted and meant to stay there securely.
     
  4. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Yeah, that's the purpose of quarantining it, it should then be unable to run or otherwise do anything at all.. Not sure what's going on there.. but it would appear that BD didn't do something properly.. If not needed, I think I would just delete that file anyway...
     
  5. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    Yes that was my concern. The log file from Online Armor states the following-

    C: Documments and Settings\All Users\Application Data\BitDefender\Desktop\Quarantine\Backweb-137903.exe, Outgoing Access Blocked, Port 480
     
  6. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    It sounds like BD is trying to submit the quarantined files to their analysts.

    Your Online Armor is blocking this.

    Well, that's what I think, however... I ain't sure with BD 10 free.
     
  7. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    I ran the IP address of the destination and it came back as HP.
     