Trojan.generic.1341028

Bitdefender updated its scanning engine and definition files today and it caught two things that I think are false positives.


First is: C:\System Volume Information\_restore{DD367800-8869-466B-B16F-50017ADB4F5D}\RP335\A0034626.exe (which I know there have been previous questions regarding false positives).


Second is the 0.8 version of Mozilla Sunbird installer (sunbird-0.8.en-US.win32.installer.exe)


The interesting thing about the second one is this has been sitting on my hard drive now for several months untouched. Previous full system scans have detected nothing, but after the update it decided to tag it as a trojan (Trojan.Generic.1341028).


Unfortunately Bitdefender deleted the files and I cannot upload them for analysis.


It is important to note that I run two virus scanners on my PC (BD and Norton) and Norton has not tagged any of these as containing trojans.


Did the latest update to the scanning engine make it a bit twitchy?


Thanks.

Comments

  • csalgau ✭✭
    edited January 2009

    Dear user,


    Files residing in System Volume Information should never be taken by name. They are renamed by the System Restore Service as it deems appropriate. Unless you are able to provide a detection name or the file, I can't even guess what that file is.


    The Mozilla Sunbird installer was indeed a false positive (caused by an incomplete file on our end) and detection will be removed with the next update. You may download the Mozilla Sunbird installer from http://www.mozilla.org/projects/calendar/s...d/download.html . The older .8 release can be found at http://www.mozilla.org/projects/calendar/s...wnload_old.html along with other older builds.


    One important thing to note is that having more than one antivirus solution on your computer can do more harm than good, regardless of products.


    The fact is that while the products may not slow down your computer on their own, when combined most products use the same kind of techniques to intercept data and this results in all products scanning every file. This can both slow down your computer and occasionally break other programs.


    Also note that depending on the order the products start, one antivirus may deny access to some files to the other which can only lead to problems.


    Thank you for submitting.

  • Thanks for the quick response. I'm betting dollar to donuts that the file in the system volume archive was the backup of the sunbird installer.