You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/
Thank you for your understanding.
Trojan.generic - Possibly False Positive?
Hello,
since I'm getting no response in the German subforum, I'll try it in here.
After I was visiting some critical sites (since my ordered XP serial hasn't arrived yet I had to reset the 30 days of activation time) I did a deep scan with the installed BD 2008. It didn't find anything (despite the usual false positives).
Then I installed the latest IE patch and rebooted. Some time after the reboot BD detected a virus and gave the following warning: File F:\System Volume Information\_restore{242F4D54-AB2F-4AE7-99D6-1D3C00C16D2F}\RP44\A0010131.exe infected with Trojan.Generic.1198923.
Of course the virus was deleted immediately, further I deactivated System Restore and scanned with many other antivirus/spyware-tools. Although one of them reported some BD files as corrupted (onlinecheck with meta-virus-scan showed it was a false positive) and some others reported some other false positives, no real threat could be found.
Now it seems kind of strange to me that 1.) there was no warning in the virusscan, and 2.) the infected file was in the System Volume Information folder right after I installed a IE update. For me it looks like a false positive, any comments on this?
Thanks in advance,
Oli
Comments
-
If you can still find that file, please submit it for analysis. If it's indeed a false positive, detection will be removed.
Here are some hints about ho to access the System Volume Information folder: http://forum.bitdefender.com/index.php?showtopic=3575 Be sure to undo any changes afterwards.
To attach a file, put it in a password-protected archive, ZIP or RAR (with the password infected).
If you don't have the file anymore, I don't believe that anyone can comment on this. As long as a sample cannot be checked, there's no way of telling if it's a false alarm or not.
Cris.0 -
Bitdefender deleted the file automatically. A data restore program couldn't restore it either. I was just wondering if more users were experiencing the problem after the latest IE update but it doesn't seem so.
Thanks for the respond.
Oli0 -
One more question..
I'm kind of unsure on how to act now, after the possible infection. Would it be exaggerated to backup my personal data via Linux LiveCD on a external storage device, format the whole hard drive and reinstall Windows? I've read that after an infection the HD should possibly be formatted and set up completely new.
I'm experiencing the issue that my USB hub which worked perfectly stopped working since the virus was found and deleted. It's now marked as "unknown device". Can this be symptomatic for further malware infection?
Thanks,
Oli0 -
A full system reinstall seems to me a bit too radical. I always keep this solution as a last resort, in case the infection cannot be removed, or if it's too severe to be able to recover the system. Wherever you saw the advice that after every infection you should format and reinstall, it means that the author of that advice has no idea what a computer and/or an infection is.
My advice: don't reinstall, if you don't have other problems.
The USB hub might got broken fro completely other reasons, not malware infections. It's not the first time when drivers get corrupt. Just try to uninstall the hub (from Device Manager, click Uninstall), reboot, then reinstall the hub using the original drivers and reboot again.
Cris.0 -
Dear user,
What we have in storage for that detection looks like a corrupted install package for Zatoo. Unfortunatelly, as the file is damaged I cannot be certain that the rest of the files in the installer are clean as well so as to remove detection.
As I understand that the Zattoo service is in an invitation only beta stage. I am unable to obtain a copy of the installer directly from their homepage.
If you are a user of the service, please check if the installer package is detected and if so, kindle attach it to a post here. Only BitDefender Labs staff and moderators are allowed to download files from this section and as policy your data will not be used for other purposes.
As for backing up and formatting your drive, backing up is always a good idea, buy I strongly believe you do not need to reinstall now.
Thank you for understanding.0
