Trojan.swizzor.gen.8

While playing Battlefield 2 Bitdefender detected Tojan.Swizzor.Gen.8 in C:\Program Files (x86)\EA Games\Battlefield 2\BF2ServerLauncher.exe on 03/02/2010 10:03:39 PM EST. I have included the log file below.

BitDefender Log File

Product: BitDefender Internet Security 2010

Version: BitDefender Antivirus Scanner

Scanning task: Deep System Scan

Log date: 3/2/2010 10:50:45 PM

Log path: C:\ProgramData\BitDefender\Desktop\Profiles\Logs\deep_scan\1267588245_1_02.xml

Scan paths:

Path 0000: C:\

Scan Level:

Scan for viruses: Yes

Scan for adware: Yes

Scan for spyware: Yes

Scan for applications: Yes

Scan for dialers: Yes

Scan for rootkits: Yes

Scan for keyloggers: Yes

Virus Scanning Options:

Scan registry keys: Yes

Scan cookies: Yes

Scan boot sectors: Yes

Scan memory processes: Yes

Scan archives: Yes

Scan runtime packers: Yes

Scan e-mails: Yes

Scan all files: Yes

Heuristic Scan: Yes

Scanned extensions: not configured

Excluded extensions: not configured

Target Processing:

Default first action for infected objects: Disinfect

Default second action for infected objects: None

Default first action for suspect objects : None

Default second action for suspicious objects: None

Default action for hidden objects: None

Default first action for encrypted infected objects: Disinfect

Default second action for encrypted infected objects: None

Default first action for encrypted suspicious objects: None

Default second action for encrypted suspicious objects: None

Default action for password-protected objects: Log only

Scan Engines Summary

Virus signatures: 5365657

Archive plugins: 44

E-mail plugins: 6

Scan plugins: 13

System plugins: 5

Unpack plugins: 8

Basic

Scanned items: 413111

Infected items: 22

Suspect items: 0 (no suspected items have been detected)

Hidden items: 0 (no hidden items have been detected during this scan)

Resolved items: 5

Unresolved items: 17

Advanced

Scan time: 01:16:29

Files per second: 90

Skipped items: 60943

Password-protected items: 0

Over-compressed items: 0

Individual viruses found: 1

Scanned folders: 31950

Scanned boot sectors: 4

Scanned archives: 3028

Input-output errors: 55

Scanned processes: 51

Infected processes: 0

Scanned registry keys: 978

Infected registry keys: 0

Scanned cookies: 41

Infected cookies: 0

Ignored objects:Object Path Threat Name Final Status

C:\Program Files\Bohemia Interactive\ArmA 2\BattlEye\UnInstallBE.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files\Bohemia Interactive\ArmA 2\uninstall.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Vista\cccprev.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\Electronic Arts\EADM\EACoreCLI.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\Electronic Arts\EADM\Login.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\Electronic Arts\EADM\PatchProgress.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\1.10.6\setup.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\Phyxion.net\Driver Sweeper\Backup\09-12-09-17-30-31\ATI - Display\Directories\ATi\Support\9-11_vista64_win7_64_dd_ccc_wdm_enu\Driver\Packages\Apps\CatalystRegistration\CatalystRegistration.msi=>(Embedded CAB)=>ATICustomerCare.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\Phyxion.net\Driver Sweeper\Backup\09-12-09-17-30-31\ATI - Display\Directories\ATi\Support\9-11_vista64_win7_64_dd_ccc_wdm_enu\Driver\Packages\Apps\CCC\Graphics-Previews-Vista\ccc-graphics-previews-vista.msi=>(Embedded CAB)=>_12C1B7B404EB4DC180D98125B87C3715 Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\Phyxion.net\Driver Sweeper\Backup\09-12-09-18-24-45\ATI - Display\Directories\ATi\Support\9-10_vista64_win7_64_dd_ccc_wdm_enu\Driver\Packages\Apps\CatalystRegistration\CatalystRegistration.msi=>(Embedded CAB)=>ATICustomerCare.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\Phyxion.net\Driver Sweeper\Backup\09-12-09-18-24-45\ATI - Display\Directories\ATi\Support\9-10_vista64_win7_64_dd_ccc_wdm_enu\Driver\Packages\Apps\CCC\Graphics-Previews-Vista\ccc-graphics-previews-vista.msi=>(Embedded CAB)=>_EA404862D0C447328DF5DF688DEC6EA1 Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\Phyxion.net\Driver Sweeper\Backup\09-12-09-18-49-20\ATI - Display\Directories\ATi\Support\9-9_vista64_win7_64_dd_ccc_wdm_enu\Driver\Packages\Apps\CatalystRegistration\CatalystRegistration.msi=>(Embedded CAB)=>ATICustomerCare.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\Phyxion.net\Driver Sweeper\Backup\09-12-09-18-49-20\ATI - Display\Directories\ATi\Support\9-9_vista64_win7_64_dd_ccc_wdm_enu\Driver\Packages\Apps\CCC\Graphics-Previews-Vista\ccc-graphics-previews-vista.msi=>(Embedded CAB)=>_4BB12A553A6C4C47A9795E2058E96F8E Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\Phyxion.net\Driver Sweeper\Backup\09-12-17-19-06-53\ATI - Display\Directories\ATi\Support\9-11_vista64_win7_64_dd_ccc_wdm_enu\Driver\Packages\Apps\CatalystRegistration\CatalystRegistration.msi=>(Embedded CAB)=>ATICustomerCare.exe Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

C:\Program Files (x86)\Phyxion.net\Driver Sweeper\Backup\09-12-17-19-06-53\ATI - Display\Directories\ATi\Support\9-11_vista64_win7_64_dd_ccc_wdm_enu\Driver\Packages\Apps\CCC\Graphics-Previews-Vista\ccc-graphics-previews-vista.msi=>(Embedded CAB)=>_12C1B7B404EB4DC180D98125B87C3715 Trojan.Swizzor.Gen.8 Infected (ignored, user did not have the proper access rights)

Resolved issues:Object Path Threat Name Final Status

C:\ATI\Support\9-12_vista64_win7_64_dd_ccc_wdm_enu\Driver\Packages\Apps\CatalystRegistration\CatalystRegistration.msi=>(Embedded CAB)=>ATICustomerCare.exe Trojan.Swizzor.Gen.8 Archive moved to Quarantine

C:\ATI\Support\9-12_vista64_win7_64_dd_ccc_wdm_enu\Driver\Packages\Apps\CCC\Graphics-Previews-Vista\ccc-graphics-previews-vista.msi=>(Embedded CAB)=>_E75E7C2D770045AA9BDC6E84D2886E2B Trojan.Swizzor.Gen.8 Archive moved to Quarantine

C:\dell\drivers\R223611\R223611\Nero 9 Essentials\unit_app_50\CG90B.cab=>NeroGadgetCMServer.exe Trojan.Swizzor.Gen.8 Archive moved to Quarantine

C:\dell\drivers\R223611\R223611\Nero 9 Essentials\unit_app_76\NOU90B.cab=>NeroOnlineUpgrade.exe Trojan.Swizzor.Gen.8 Archive moved to Quarantine

C:\Program Files (x86)\Steam\steamapps\common\railworks\ConvertToGEO.exe Trojan.Swizzor.Gen.8 Moved to Quarantine

Find more posts tagged with

Comments

sulaiman.asari

Hi Ryan,

I got the same problem. Looks like a number of my exe which resides in the program files have been labeled as malicious by Bitdefender. Last update of Bitdefender was today. I am using bitdefender total security 2010.

Is Bitdefender buggy or are the files really malicious?

Lehman

testtube13

Hey guys-

I posted in a thread right under this one, but a few of us are having the same problem too. Legit files all over my comp are coming up as infected with Trojan.swizzor.gen.8

Hopefully it's just a false positive or a quirk that they'll fix. Because it's hard to believe that a lot of my .exe files are suddenly somehow infected. I've scanned with several other companies, and all of them came up clean. So I'm not sure what's going on. If either of you come up with anything, keep me posted.

Oh, and I'm using Internet Security 2008.

Throbb

Hey guys-

I posted in a thread right under this one, but a few of us are having the same problem too. Legit files all over my comp are coming up as infected with Trojan.swizzor.gen.8

Hopefully it's just a false positive or a quirk that they'll fix. Because it's hard to believe that a lot of my .exe files are suddenly somehow infected. I've scanned with several other companies, and all of them came up clean. So I'm not sure what's going on. If either of you come up with anything, keep me posted.

Oh, and I'm using Internet Security 2008.

Having the same issue here.

sulaiman.asari

Having the same issue here.

Anyone of you raised this to BitDefender?

Ryan C.

Hi Ryan,

I got the same problem. Looks like a number of my exe which resides in the program files have been labeled as malicious by Bitdefender. Last update of Bitdefender was today. I am using bitdefender total security 2010.

Is Bitdefender buggy or are the files really malicious?

Lehman

I think that answers everything it wouldn't surprise me if this turns out to be a case of false positive.

herman_melville

you are not the only one. BitDefender is claiming that Logitech SetPoint is a malware...

csalgau

Dear users,

Please ensure that you have the latest update and scan your computer again.

The mentioned detection has been removed sometime this morning.

itsevilla

Hi Guys, i'm having the same problem and so has it been determined that the issue is actually avirus or not? I ran my 2008 total security last night and it found 32 infected areas and deleted 22 of them. Now showing 9 still there but no action can be taken.

The clean temp file feature also is acting funny cause it will run and then tell me "the task was canceled by the user" (????).

I'll reupdate this morning and see what happens.

Also does anyone know how i can fix the firewall being disabled in windows 7? my 2008 expires in 4 months but i don't want to purchase the 2010 if it will have the same issue. Thanks.

csalgau

@itsevilla: So are you having detections or not?

testtube13

Dear users,

Please ensure that you have the latest update and scan your computer again.

The mentioned detection has been removed sometime this morning.

Hi Catalin-

Thanks for the response. After a few updates, my Bitdefender finally stopped picking up all of the false positives. Thanks for the response. That was a weird fluke!

internetgoinnutz

Dear users,

Please ensure that you have the latest update and scan your computer again.

The mentioned detection has been removed sometime this morning.

Thanks.

Trojan.swizzor.gen.8 doesn't come up anymore. It did pick up on the following, which I deleted.

ect Name Threat Name Final Status

C:\Users\****\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\6e736388-1c56e60c=]AppletX.class Java.Exploit.Smid.A Deleted

C:\Users\****\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\22ddddcf-4bbfcfeb=]myf/y/BrodagF.class Java.Trojan.Exploit.Bytverify.I Deleted

C:\Users\****\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\22ddddcf-4bbfcfeb=]myf/y/LoaderX.class Java.Trojan.Exploit.Bytverify.I Deleted

C:\Users\****\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\53810d77-5f07d34c=]myf/y/AppletX.class Java.Trojan.Exploit.Bytverify.I Deleted

C:\Users\****\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\25e72a3d-6a709699=]myf/y/AppletX.class Java.Trojan.Exploit.Bytverify.I Deleted

I still have a lot of files in my quarantine folder that are supposedly infected with "trojan.swizzor.gen.8" and "dropped:trojan.swizzor.gen.8." I have both "scan quarantined files after update" and "restore clean files" checked but they're still there.

L.o.D.

I was just coming here to post this as I got the same thing but with the latest nvidia graphics installer.

On my 2nd PC, it detected it in an already installed logitech device.

Never got it with BC2 last night though. So that is kinda odd.

hhakimi

I am also struggling with same issue.

It started yesterday - 03 March 10, an application AV.exe tried accessing internet. Bit defender said program is clean and recommended action would be allow the program - I did that and suddenly see Windows Security 2010 pop up asking me to register, which I denied and Bit defender also started showing virus to all the programs.

I rebooted system so that in anything resident in memory gets wiped off, but no luck. and also have taken off the system of the network completely. things got worse as it had disassociated .exe file registry extension and it always asked which application to open an executable. Using another computer, searched on issues I was having with even opening executables - users mentioned Windows Secuirty 2010 is fake malware program which is creation of some black hat bee developers out there :mellow: !!!

got a registry fix, which fixed the registry association. Started Bit defender it detected trojan on number of files - for the programs I could have downloaded again or reinstalled it - I have deleted those files and this process is still continuing. Still there are 13 files left infected - Trojan.swizzor.gen.8 which am finding hard. One is logitech driver, which I even tried but trojan would not allow me to

is there fix for this issue or something?

I found this link while searching on this issue: http://www.pcthreat.com/parasitebyid-6946en.html.

Does the solution hold if one is using Windows Vista?

Nientech

Updating the virus defs from this morning worked. But, now I've got the nagging feeling in me that they only removed the definition to stop the false positives. Are we still protected from this trojan?

L.o.D.

When I had the BD warning, I scanned said files with Microsoft Security Essentials & Malwarebytes & they were clean.

You can also use this http://virusscan.jotti.org/en-gb

Upload said file & they scan it with multiple AV apps.

WallyFtw

I created a post on this. I scanned with BD for 2 hours only to find 100 infected files. Then I ran MBAM and found that my system was completely clean. MBAM was right, BD had some kind of bug. Update BD and it'll fix its self.

itsevilla

@itsevilla: So are you having detections or not?

Catalin,

I ran the updates agin this morning and then ran the deep scan. i just got home and the deep scan shows the prior found visures are no longer there. I am new to this so just to clarify, the warning was a problem with the software and my system was actually not infected by a virus?

Either way, thanks for the help.

internetgoinnutz

I created a post on this. I scanned with BD for 2 hours only to find 100 infected files. Then I ran MBAM and found that my system was completely clean. MBAM was right, BD had some kind of bug. Update BD and it'll fix its self.

What did you do with the files that were in quarantine? Did you restore them manually or did you just leave them in there?

scblair

I was just coming here to post this as I got the same thing but with the latest nvidia graphics installer.

I got the same when I tried to update from nvidia. While it could be a false positive, I'm going to wait a bit before trying again.

L.o.D.

I got the same when I tried to update from nvidia. While it could be a false positive, I'm going to wait a bit before trying again.

I scanned with 2 other known apps. So it is safe.