False Positive On X64 - Trojan.fakealert.5 - Bd 2009

Due to a recent update for Windows 64-bit systems it is possible that BitDefender detects several Windows and BitDefender files as infected with Trojan.FakeAlert.5. Following this event, in some instances BitDefender and/or Windows did not work properly anymore (PC failed to boot or certain applications did not function due to the fact that the files have been moved to Quarantine).


We have created a patch that will restore BitDefender and the quarantined files. If BitDefender is not affected perform an update (right click on the BitDefender system tray icon and choose "Update Now" - or check KB ARTICLE #572 for detailed information on how to update) in order to correct the issue.


If you cannot update BitDefender or the update did not fix the situation follow the instructions in KB ARTICLE #638.


AN UPDATED VERSION OF THE 2010 PATCH HAS BEEN RELEASED


PLEASE CHECK THIS KB ARTICLE FOR MORE INFORMATION ON HOW TO RUN IT.


NOTE:


-The patch will not leave any files in Quarantine after running.


-The 2009 and 2010 patches have been implemented via Automatic Update of your


BitDefender (if Bitdefender is running properly).


-For version 2008 a patch will soon be released (we will keep you posted with upcoming events in this section).


-After running the patch,a system restart is required.


We would like to convey our apologies in regards to the situation created.

Comments

  • i downloaded and saved the patch for BD2009...when i run it it says that the BD update service has stopped working... what should I do? How do I restore the files in the quarantine? pls help

  • Due to a recent update for Windows 64-bit systems it is possible that BitDefender detects several Windows and BitDefender files as infected with Trojan.FakeAlert.5. Following this event, in some instances BitDefender and/or Windows did not work properly anymore (PC failed to boot or certain applications did not function due to the fact that the files have been moved to Quarantine).


    We have created a patch that will restore BitDefender and the quarantined files. If BitDefender is not affected perform an update (right click on the BitDefender system tray icon and choose "Update Now" - or check KB article #446 for detailed information on how to update) in order to correct the issue.


    If you cannot update BitDefender or the update did not fix the situation follow the instructions in KB article #638.


    We would like to convey our apologies in regards to the situation created.


    When u say it is not affected what do u mean? somehow now my BD 2009 stopped putting files into quarantine ....i saved the patch BD 2009 but cannot run or install it...it says Bd update service stopped working. What should I do?

  • My computer somehow works fine now!!! weird...dont know how and what i did....tried to run the patch though...it cannot be run....but there is still a lot of files in the quarantine...what the heck is going on!!!!!!! do i keep those files there? cant restore them now- says cannot find the specified path or something...what's GOING ON with My computer? is it fine? pls help...be quicker pls...ppl are having problems-created by your company---so be more responsive pls...we need help NOW!!

  • My computer somehow works fine now!!! weird...dont know how and what i did....tried to run the patch though...it cannot be run....but there is still a lot of files in the quarantine...what the heck is going on!!!!!!! do i keep those files there? cant restore them now- says cannot find the specified path or something...what's GOING ON with My computer? is it fine? pls help...be quicker pls...ppl are having problems-created by your company---so be more responsive pls...we need help NOW!!


    Do your computer and BitDefender work fine now? For a file that you are trying to restore tell me the name, path and detection; also, what is the exact error message that you get when trying to restore a file?

  • Patch is not working


    (Vista 64 Ultimate German - Bitdefender Internet Security 2009 v. 12.0.12.1 German)


    Following error message during the installation:


    "livesrv.exe - Einsprungpunkt nicht gefunden"


    Der Prozedureinsprungpunkt


    "WSUtilZlibGunzipFd" wurde in


    der DLL "WSUtils.dll" nicht gefunden.


    From the event-viewer (application):


    Fehlerhafte Anwendung livesrv.exe, Version 12.0.12.37, Zeitstempel 0x4ac1c24a, fehlerhaftes Modul WSUtils.dll!WSUtilZlibGunzipFd, Version 6.0.6002.18005, Zeitstempel 0x49e0421d, Ausnahmecode 0xc0000139, Fehleroffset 0x00000000000b8fb8, Prozess-ID 0x1228, Anwendungsstartzeit 01cac981edd8021d.


    So the "Bitdefender Update Service" is still not available at all(greyed out).


    (livesrv.exe is not working and can't be started over service.msc).


    You have to know that i used the patch for BD2010 yesterday, cause NOBODY indicated


    that this former patch is only intended for 2010.


    I'm really frustrated!!!!!!!!!!!!!

  • presmanno
    edited March 2010


    I'm in the same situation as quardion (except for mine is Italian), the patch returned to errors, one related do bdutils and another to wsutils.


    By the way the quarantined file gone away, so I must suppose that they have been restored, but I cannot perform any update. The Update Now button is greyed out as well as all the settings.


    I applied the 2010 patch yesterday (or the day before) because this is what you told us to do.


    Should I upgrade to BitDefender 2010?

  • Patch is not working


    (Vista 64 Ultimate German - Bitdefender Internet Security 2009 v. 12.0.12.1 German)


    Following error message during the installation:


    "livesrv.exe - Einsprungpunkt nicht gefunden"


    Der Prozedureinsprungpunkt


    "WSUtilZlibGunzipFd" wurde in


    der DLL "WSUtils.dll" nicht gefunden.


    From the event-viewer (application):


    Fehlerhafte Anwendung livesrv.exe, Version 12.0.12.37, Zeitstempel 0x4ac1c24a, fehlerhaftes Modul WSUtils.dll!WSUtilZlibGunzipFd, Version 6.0.6002.18005, Zeitstempel 0x49e0421d, Ausnahmecode 0xc0000139, Fehleroffset 0x00000000000b8fb8, Prozess-ID 0x1228, Anwendungsstartzeit 01cac981edd8021d.


    So the "Bitdefender Update Service" is still not available at all(greyed out).


    (livesrv.exe is not working and can't be started over service.msc).


    You have to know that i used the patch for BD2010 yesterday, cause NOBODY indicated


    that this former patch is only intended for 2010.


    I'm really frustrated!!!!!!!!!!!!!


    I'm in the same situation as quardion (except for mine is Italian), the patch returned to errors, one related do bdutils and another to wsutils.


    By the way the quarantined file gone away, so I must suppose that they have been restored, but I cannot perform any update. The Update Now button is greyed out as well as all the settings.


    I applied the 2010 patch yesterday (or the day before) because this is what you told us to do.


    Should I upgrade to BitDefender 2010?


    @both: If the files have been restored from quarantine (please check that) you can repair BitDefender in order to restore functionality.

  • @both: If the files have been restored from quarantine (please check that) you can repair BitDefender in order to restore functionality.


    How can I repair BitDefender?

  • How can I repair BitDefender?


    Start → Programs → BitDefender 2009 → Repair or Remove


    Here you select Next and Repair.

  • Start → Programs → BitDefender 2009 → Repair or Remove


    Here you select Next and Repair.


    The only available option is Remove, the Repair button is greyed out.

  • The only available option is Remove, the Repair button is greyed out.


    Use this tool in order to clear the current installation, reboot and then reinstall BitDefender:


    http://www.bitdefender.com/uninstall

  • had the same symptom - no repair of BD possible,


    but the rest of the files in quarantine were restored.


    so i used the uninstall tool and then reinstalled bitdefender,


    like you said. now everything seems to work fine at the moment.


    thank you folks for your efforts. but i also have to criticise - the time


    needed for a practicable solution was too long!


    and now the closing question: will there be any compensation for


    the affected customers??

  • I have here the 2009 Antivirus running.


    After the automatic update some minutes ago, my quarantine folder is now empty.


    I hope the files are restored and not only deleted.


    My Windows Vista x64 seem to run fine again.


    But I'm not sure if the automatic update of BitDefender is running correct.


    It shows me:


    Engine Version: 7.30848


    Virensignaturen (Signatures): 5474032


    (This is a German Version)


    The Engine Version and the Signatures are the same like yesterday. Shouldn't be there some changes after an update?


    Could anyone of you tell me if this is the latest version for the 2009 Antivirus?

  • When the system quarantined the files, I could no longer access BD or the internet.. the device manager shows the BD firewall to be causing connection problems to the net.. Did an uninstall to BDIS09 and was then able to access the net. Hence once accessing the net found the bad update info. Reinstalling the Same version of BD found my Quarnatine folder empty... what was the loacation of the Quarantine folder? I can use a recovery software to maybe recover my files, but my system had thousands of missing exe and other files.. I can't believe that it even loads...

  • Do your computer and BitDefender work fine now? For a file that you are trying to restore tell me the name, path and detection; also, what is the exact error message that you get when trying to restore a file?


    nevermind about the files cuz they were related to some programs I don't have anymore.. is it safe to uninstall n install BD 2009 again? Have no cd so online? or can I install the 2010 with No charge? If yes how? Should I keep the real time scanning on once I install the new thing? In other words is everything safe now? Let us know pls- dong wanna run into same problems again.

  • Do your computer and BitDefender work fine now? For a file that you are trying to restore tell me the name, path and detection; also, what is the exact error message that you get when trying to restore a file?


    These are the only files in quarantine. cant restore them.


    file names:


    mpengine.dll


    ....bdcore.dll


    The message is : The system cannot find the specified path.


    also what should i do with the BD 2009 now...not sure if it is working properly...do i perform an update now and a scan ?


    you guys should let us install the total security 2010 for free as a compensation....i dont trust the BD2009 anymore...pls get back to me...


    with these two files still in quarantine is it bad idea to uninstall BD 2009? im thinking of switching to kaspersky....pls help us if you want us to still be your customers... i want a safe antivirus from this point on...

  • I have run the update and there are three remaining files in my quarantine. Just like huhuhu, I am getting the message "The system cannot find the specified path". The three files are:


    outlfltr.cab


    xlconv.cab


    mpengine.dll


    Interesting that we are both missing that last one (mpengine.dll).


    I get a message on logon saying a certain IM32FAX.DIL cannot be found, but I think this is forthe fax on my printer. I will try to uninstall/reinstall and see if it fixes it.


    Otherwise, almost everything seems to be working okay so far, except for my HP Mediasmart, which doesn't open anything. I don't get an error message or anything, it just won't open. Hopefully that is the only program that won't work. I haven't come across anything else. Yet.

  • I am in similar situation to all the above; my AV sw is 2009 Shield Deluxe which uses the BD engine. SD 2009 does not respond to my queries about patches, and there have been no automatic updates since the mess. Can I use the 2009 BD patch, like the rest of BD users??


    Also, will that BD patch restore all the BDQ files in my quarantine folder? (they are all only false positives from the BD av update mess)? Finally, will the 'false positive' be removed from all my files?? I am considering switching to another AV sw - If I do that, will I be stuck with this false positive mess for the rest of my life??

  • Ummm...yeah....is anyone going to answer our questions???

  • Ummm...yeah....is anyone going to answer our questions???


    yeah...so unprofessional....they created a huge mess and now cant even help ppl....very unprofessional....

  • These are the only files in quarantine. cant restore them.


    file names:


    mpengine.dll


    ....bdcore.dll


    The message is : The system cannot find the specified path.


    also what should i do with the BD 2009 now...not sure if it is working properly...do i perform an update now and a scan ?


    you guys should let us install the total security 2010 for free as a compensation....i dont trust the BD2009 anymore...pls get back to me...


    with these two files still in quarantine is it bad idea to uninstall BD 2009? im thinking of switching to kaspersky....pls help us if you want us to still be your customers... i want a safe antivirus from this point on...


    The upgrade from version 2009 to 2010 of BitDefender is free of charge.


    Full instructions on how to upgrade are available at:


    http://forum.bitdefender.com/index.php?act...f=130&id=17


    Please use our uninstall tool to completely remove the previous version:www.bitdefender.com/uninstall

  • I have run the update and there are three remaining files in my quarantine. Just like huhuhu, I am getting the message "The system cannot find the specified path". The three files are:


    outlfltr.cab


    xlconv.cab


    mpengine.dll


    Interesting that we are both missing that last one (mpengine.dll).


    So are you trying to tell us that upgrading to 2010 is going to fix the above stated problem? Because you never said that specifically, you only said that upgrading is free and gave instructions on how to do it. I don't care if I have 2010, because frankly, after this I'm not so sure I'll be a BitDefender customer anymore. I certainly won't if I don't get a straight answer about these missing files: how do I restore them, or do they even need to be restored? I don't know what kinds of files these are, but I don't want to delete them out of the quarantine without knowing if I need them or not. And I don't want to uninstall BitDefender 2009 and have them disappear never to return. I can tell you that they are not duplicates - I checked the file path where these are supposed to exist, and they are NOT on my computer. So they are not copies of any kind.


    Huhuhu, did you try upgrading yet? Did it restore your remaining quarantined files?

  • Forget it...I replaced BitDefender with something else and am washing my hands of this whole thing. It's been just over a week and still not even an acknowledgment to my question. Whatever. My system runs considerably faster now that I've removed BitDefender, anyway. I've run various antivirus programs and security programs on my two computers over the years, and NEVER have I had anything like this happen. I haven't even made it through a year's subscription with this one. And then to have to repeatedly ask for some attention to one question? I can almost forgive a faulty product if the customer service is good, but since that isn't the case here (at least for me personally), I've just taken a loss on the money I spent and moved on. Ridiculous.


    Hope everyone else gets their problems solved...

  • I've tried patches without result. I was forced to buy another HD and did re-install everything (I'm still unable to have the quanrantined files back....deep ######). Support stopped after 2 email when they saw the result. I'm quite ready to switch to another product when I see the way they use us as beta tester instead.


    I'm now having BdfNdisf6.sys BSOD on my new install. How can they explain that???

This discussion has been closed.