Bitdefender finds trojan in Bitdefender file

Discussion in 'other anti-virus software' started by Iangh, Sep 3, 2005.

Thread Status:
Not open for further replies.
  1. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    611
    Location:
    Melbourne, Australia
    I've just ran a scan with Bitdefender 8 Free and got this

    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Infected Trojan.Downloader.Vbs.Small.S
    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Disinfection failed
    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\Plugins\emalware.cvd Moved

    I deleted it and re-scan to find it is still there.

    I'm surprised it is showing up in a Bitdefender file.

    Should I be concerned? Should I do anything else?

    Ian
     
  2. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Run an online scanner such as F-Secure. http://support.f-secure.com/enu/home/ols.shtml
     
  3. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
  4. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    611
    Location:
    Melbourne, Australia
    Firecat

    I thought about using Jotti but I can't see emalware.cvd, I can see emalware.ivd and emalware.xmd.

    Bitdefender is finding a file I cannot see?

    Hammer

    F-secure doesn't get rid of trojans according to site. Should I still bother to use it?

    Ran Escan yesterday and it didn't find anything using KAV signatures.

    Thanks
    Ian
     
  5. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    If KAV signatures didn't find it, F-Secure will most probably not find it either. Try contacting BitDefender support.
     
  6. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Panda does. http://www.pandasoftware.com/products/activescan/com/activescan_principal.htm
     
  7. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    611
    Location:
    Melbourne, Australia
    I just ran the quarantine file through jotti and all clear.

    I'll email Bitdefender and see what they say.

    Thanks
    Ian
     
  8. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    611
    Location:
    Melbourne, Australia
    Live support at BD tell me it is a false-positive.

    You can't help but be impressed by companies that offer live support.

    Ian
     
  9. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    BD gave me the same message this AM. I remembered this thread from yesterday, and figured it was a false positive. I am glad the BD team is aware of it. I guess they will take care of it in an update.

    Thanks for the info.
    Jerry
     
  10. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    I just completed a scan with BD and came up clean. Maybe the BD team fixed it with the latest updates.
    I hope so.
    Jerry
     
  11. Tom772

    Tom772 Guest

    hi guys, i get the same problem, yesterday BD couln't clean the file, so it moved it to the 'infected' file folder in program files. Today there was a large update that seems to have sorted the probelm!! All very strange, Imagine a AV trying to clean itself!!:) T
     
  12. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    I heavily suspected the problem to be a case of FPs, because of the fact that KAV signatures did not find anything, and jotti too came up negative.

    And yes, BD's support impressed me very very much. :)
     
  13. Kielty

    Kielty Registered Member

    Joined:
    May 3, 2005
    Posts:
    139
    Location:
    The Emerald Isle
    Same problem here. BD support was excellent. They advised a mistake at their end in the update file. Told not to worry all is ok...

    Very impressed with the support.
     
  14. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    This is the first time i see AV picks its OWN files as malware. Funny indeed :D
     
  15. Tweakie

    Tweakie Registered Member

    Joined:
    Feb 28, 2004
    Posts:
    90
    Location:
    E.U.
    It happened a long time ago with a rebadged version of Viguard (In-Defense). The funny thing is that it happened during a test performed (and published) by the Virus Bulletin.

    http://www.virusbtn.com/issues/virusbulletin/backissues/1998/199811.pdf
     
  16. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    611
    Location:
    Melbourne, Australia
    What I didn't post in my initial post is that a few weeks earlier BD found a trojan in Ewido uninstall.

    After an update it wasn't there.

    Strange.

    Ian
     
Loading...
Thread Status:
Not open for further replies.