BitDefender Antivirus 2010 Detection/Blocking and Deletion

Discussion in 'other anti-virus software' started by DVD+R, Oct 15, 2009.

Thread Status:
Not open for further replies.
  1. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    I decided to give BitDefender Antivirus a thrashing, and navigated to the well-known nasty trojan site thekeys.ws. Firstly, Windows 7 blocked the site, notifying me it had been reported unsafe :ninja: Secondly, I chose to ignore that warning and advanced on to downloading what should have been serial keys for well-known software, but were disguised in the .exe file extension type, which fools users into believing that a Command Prompt script was registering the software to hack it and register it. (I must add that none of the programs I downloaded these .exe serial key scripts for are installed.)

    BitDefender allowed the .exe to be downloaded, whereas other AVs have intercepted this type of trojan and blocked the download, so I'm suspicious already of BD's strength :doubt: On executing the .exe files to run, and apparently generate a legitimate serial key, the command prompt was allowed to proceed 2 steps before BitDefender finally decided to spring into action, and tell me several viruses and trojans had been blocked and deleted :D This all seems very well and good, but a little more speed to intercept firstly the downloading of such files, and secondly more rapidity to intercept the file actually trying to execute on the Trojan in the first instance so it never reaches the critical parts on the computer.

    This led me to proceed with a deep scan, which deleted 1 trojan which I had downloaded and forgotten to delete, which is good, as it did what I was going to do but had forgotten :cool:

    Next I'll enable HTTP scanning and repeat the process; hopefully BD will this time intercept the download in the first place.



    OK, so I think I have everything set to maximum protection, and after brutalizing BD here's the scan results after its detection and cleaning :cautious:
    One question though: why the skipped files, and which ones were skipped? Surely not infected ones o_O :ninja:




    [noparse]BitDefender Log File

    Product: BitDefender Antivirus 2010
    Version: BitDefender Antivirus Scanner
    Scanning task: Deep System Scan
    Log date: 15/10/2009 8:07:38 PM
    Log path: C:\ProgramData\BitDefender\Desktop\Profiles\Logs\deep_scan\1255608458_1_00.xml

    Scan paths:
    path 0000: C:\

    Scan Level:
    Scan for viruses: Yes
    Scan for adware: Yes
    Scan for spyware: Yes
    Scan for applications: Yes
    Scan for dialers: Yes
    Scan for rootkits: Yes
    Scan for keyloggers: Yes

    Virus Scanning Options:
    Scan registry keys: Yes
    Scan cookies: Yes
    Scan boot sectors: Yes
    Scan memory processes: Yes
    Scan archives: Yes
    Scan runtime packers: Yes
    Scan e-mails: Yes
    Scan all files: Yes
    Heuristic Scan: Yes
    Scanned extensions: not configured
    Excluded extensions: not configured

    Target Processing:
    Default first action for infected objects: Disinfect
    Default second action for infected objects: Delete
    Default first action for suspect objects : Disinfect
    Default second action for suspicious objects: Delete
    Default action for hidden objects: None
    Default first action for encrypted infected objects: Disinfect
    Default second action for encrypted infected objects: Delete
    Default first action for encrypted suspicious objects: Disinfect
    Default second action for encrypted suspicious objects: Delete
    Default action for password-protected objects: Log only

    Scan Engines Summary
    Virus signatures: 4346893
    Archive plugins: 44
    E-mail plugins: 6
    Scan plugins: 13
    System plugins: 5
    Unpack plugins: 8

    Basic
    Scanned items: 108070
    Infected items: 0 (no infected items have been detected)
    Suspect items: 0 (no suspected items have been detected)
    Hidden items: 0 (no hidden items have been detected during this scan)
    Resolved items: 0 (no threats have been detected during this scan)
    Unresolved items: 0 (no issues remained unresolved)

    Advanced
    Skipped items: 44429
    Password-protected items: 0
    Over-compressed items: 0
    Individual viruses found: 0
    Scanned folders: 10050
    Scanned boot sectors: 2
    Scanned archives: 430
    Input-output errors: 11
    Scanned processes: 75
    Infected processes: 0
    Scanned registry keys: 967
    Infected registry keys: 0
    Scanned cookies: 15
    Infected cookies: 0


    The results of the custom scan set at critical detection are as follows:


    BitDefender Log File

    Product: BitDefender Antivirus 2010
    Version: BitDefender Antivirus Scanner
    Scanning task: Scan local drives
    Log date: 15/10/2009 8:25:31 PM
    Log path: C:\Users\George Green\AppData\Roaming\BitDefender\Desktop\Profiles\Logs\quick_0000\1255609531_1_01.xml

    Scan paths:
    path 0000: C:\

    Scan Level:
    Scan for viruses: Yes
    Scan for adware: Yes
    Scan for spyware: Yes
    Scan for applications: Yes
    Scan for dialers: Yes
    Scan for rootkits: Yes
    Scan for keyloggers: Yes

    Virus Scanning Options:
    Scan registry keys: Yes
    Scan cookies: Yes
    Scan boot sectors: Yes
    Scan memory processes: Yes
    Scan archives: Yes
    Scan runtime packers: Yes
    Scan e-mails: Yes
    Scan all files: Yes
    Heuristic Scan: Yes
    Scanned extensions: not configured
    Excluded extensions: not configured

    Target Processing:
    Default first action for infected objects: Disinfect
    Default second action for infected objects: Delete
    Default first action for suspect objects : Disinfect
    Default second action for suspicious objects: Delete
    Default action for hidden objects: None
    Default first action for encrypted infected objects: Disinfect
    Default second action for encrypted infected objects: None
    Default first action for encrypted suspicious objects: None
    Default second action for encrypted suspicious objects: None
    Default action for password-protected objects: Log only

    Scan Engines Summary
    Virus signatures: 4349000
    Archive plugins: 44
    E-mail plugins: 6
    Scan plugins: 13
    System plugins: 5
    Unpack plugins: 8

    Basic
    Scanned items: 73609
    Infected items: 4
    Suspect items: 0 (no suspected items have been detected)
    Hidden items: 0 (no hidden items have been detected during this scan)
    Resolved items: 4
    Unresolved items: 0 (no issues remained unresolved)

    Advanced
    Skipped items: 74802
    Password-protected items: 0
    Over-compressed items: 0
    Individual viruses found: 1
    Scanned folders: 10052
    Scanned boot sectors: 2
    Scanned archives: 6
    Input-output errors: 11
    Scanned processes: 71
    Infected processes: 4
    Scanned registry keys: 967
    Infected registry keys: 0
    Scanned cookies: 15
    Infected cookies: 0

    Resolved issues:
    Object Path | Threat Name | Final Status
    <System>=>C:\Program Files\Common Files\BitDefender\BitDefender Update Service\WSLib.dll [856] (disk) | Trojan.Generic.IS.615449 | Deleted
    <System>=>C:\Program Files\BitDefender\BitDefender 2010\WSLib.dll [920] (disk) | Trojan.Generic.IS.615449 | Deleted
    <System>=>C:\Program Files\BitDefender\BitDefender 2010\WSLib.dll [2796] (disk) | Trojan.Generic.IS.615449 | Deleted
    <System>=>C:\Program Files\BitDefender\BitDefender 2010\WSLib.dll [1368] (disk) | Trojan.Generic.IS.615449 | Deleted
    [/noparse]

    Question here is, why were the Trojans located in the BitDefender program files? Is BitDefender recognizing its own program files as a Trojan :blink:

    Something's not quite right, but I can't put my finger on it. o_O
     
    Last edited: Oct 15, 2009
  2. Mizpah

    Mizpah Registered Member

    Joined:
    Oct 15, 2009
    Posts:
    1
    I had the same thing happen today. I had 2010 installed for about a month with daily scans reporting no viruses. A scan completed last night, and this morning it said there were no viruses. I just returned home, and now I have an alert that it blocked Trojan.GenericIS.615499 being accessed by svchost.exe, location: C:\Program Files\Bitdefender\Bitdefender 2010\wslib.dll.

    These past 6 hours, no one has been at the PC, it has just been here sitting here being idle. Maybe there is something wrong with an update in their definitions?
     
  3. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    RE: detection of BD - False-positive http://www.bitdefender.com/KB613

    RE: detecting file after it's executed - was it a signature, behavioural or other detection? Was it detecting the file you executed or another file it may have downloaded or dropped? If it's a downloader or dropper, the file downloaded or dropped may have been the detected one, which can happen, particularly with downloaders.

    RE: skipped files - I presume they're active system files which can't be scanned, although I don't know why there are so many - may be a hyperactive counter? Also not sure about the "Input-output errors". (sorry, don't use BD)
     
    Last edited: Oct 15, 2009
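
Added example, not part of the original thread or of any poster's reply: a Python sketch that splits the run-together "Resolved issues" rows from the second log and flags detections whose object path sits inside the scanner's own install directory under a single repeated threat name, the pattern reply 3 calls a false positive. The function names, the vendor directory match and the status list are assumptions made for illustration.

```python
import re
from collections import Counter

# Rows copied from the "Resolved issues" section of the log above, still
# run together the way the log export printed them.
RAW = (
    r"<System>=>C:\Program Files\Common Files\BitDefender\BitDefender Update Service\WSLib.dll [856] (disk)"
    "Trojan.Generic.IS.615449Deleted"
    r"<System>=>C:\Program Files\BitDefender\BitDefender 2010\WSLib.dll [920] (disk)"
    "Trojan.Generic.IS.615449Deleted"
    r"<System>=>C:\Program Files\BitDefender\BitDefender 2010\WSLib.dll [2796] (disk)"
    "Trojan.Generic.IS.615449Deleted"
    r"<System>=>C:\Program Files\BitDefender\BitDefender 2010\WSLib.dll [1368] (disk)"
    "Trojan.Generic.IS.615449Deleted"
)

# "Deleted" is the only final status visible in the log; extend this
# alternation if other statuses appear (assumption).
ROW = re.compile(
    r"<System>=>(?P<path>.+?) \[(?P<pid>\d+)\] \((?P<where>\w+)\)"
    r"(?P<threat>[\w.]+?)(?P<status>Deleted)"
)

def parse_rows(raw):
    """Split the fused text into one dict per detection row."""
    return [m.groupdict() for m in ROW.finditer(raw)]

def in_scanner_dir(path, vendor="bitdefender"):
    """True when any directory component equals the vendor name (assumed layout)."""
    return vendor in path.lower().split("\\")

def triage(raw):
    rows = parse_rows(raw)
    own = [r for r in rows if in_scanner_dir(r["path"])]
    threats = Counter(r["threat"] for r in own)
    return {
        "rows": len(rows),
        "self_detections": len(own),
        "pids": sorted(int(r["pid"]) for r in own),
        "files": sorted({r["path"].rsplit("\\", 1)[-1].lower() for r in own}),
        # Every hit is the scanner's own module under one signature:
        # treat as a suspected false positive pending vendor confirmation.
        "suspect_false_positive": bool(own) and len(own) == len(rows)
                                  and len(threats) == 1,
    }

if __name__ == "__main__":
    print(triage(RAW))
```

A flagged result is a prompt to check the vendor advisory and compare the quarantined file against a clean installer copy, not a reason to exclude the directory from scanning.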
  4. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    I have to report that after blitzing BD with the test above, I uninstalled BD after it had said the system was clean of any risks. I then installed Kaspersky IS 2010, and to my shock it instantly found over 160000 trojans and other riskware :eek: Can this be possible, that BD is so shocking on detection and removal, or did Kaspersky actually bluff me o_O
     
  5. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    Depends on where they are located and what they are detected as.
    If it's in SystemVolumeInfo, it's not really a threat unless it's a virus.
     