BDA 2010, Expert level, Default protection level, Windows 7 Ultimate x64 SP1
See bottom of the log. Files that were fine on the previous scan yesterday suddenly appear infected and individual emails from the same threads get deleted, which makes me suspect a bad signature detection rather than an infected mail.
These PST files are archived and not loaded in Outlook; there is no way these 11 mails would become infected.
Any idea:
1) why this is happening?
2) where I can find more information about all these "generic exploits" codes on bitdefender.com or on the web?
More information about what happened would also be welcome on the logs.
3) if there is a way to configure BitDefender not to delete individual emails in archived PST files as a first action, but to notify instead?
Side questions:
4) I had BitDefender Antivirus 2011 installed until last month, I had to reinstall my whole system a few days ago because of a Windows 7 SP1 snafu, but I can't find a download of BDA 2011 for existing users on bitdefender.com even though I'm logged in with my paying account. Am I doomed to stay on BDA 2010 and bug this forum with outdated versions of BDA?
5) I see the antivirus settings are set to "scan boot sector" (in Expert mode) but I can't find the "scan for rootkits" option mentioned elsewhere in this forum and in the logs. Any idea how to set it? I don't understand why this option is disabled by default, of course users want to scan for rootkits, these are the most serious types of infections in my experience.
Any partial answer on even just one of these questions is most welcome! ^-^
------------------------------
BitDefender Log File
Product: BitDefender Antivirus 2010
Version: BitDefender Antivirus Scanner
Scanning task: System Scan
Log date: 3/5/2011 2:00:02 AM
Log path: C:\ProgramData\BitDefender\Desktop\Profiles\Logs\full_scan\1299319202_1_01.xml
Scan paths:
Path 0000: C:\
Path 0001:
\
Path 0002: F:\
Scan Level:
Scan for viruses: Yes
Scan for adware: Yes
Scan for spyware: Yes
Scan for applications: Yes
Scan for dialers: Yes
Scan for rootkits: No
Scan for keyloggers: Yes
Virus Scanning Options:
Scan registry keys: Yes
Scan cookies: Yes
Scan boot sectors: Yes
Scan memory processes: Yes
Scan archives: No
Scan runtime packers: Yes
Scan e-mails: Yes
Scan all files: Yes
Heuristic Scan: Yes
Scanned extensions: not configured
Excluded extensions: not configured
Target Processing:
Default first action for infected objects: Disinfect
Default second action for infected objects: None
Default first action for suspect objects : None
Default second action for suspicious objects: None
Default action for hidden objects: None
Default first action for encrypted infected objects: Disinfect
Default second action for encrypted infected objects: None
Default first action for encrypted suspicious objects: None
Default second action for encrypted suspicious objects: None
Default action for password-protected objects: Log only
Scan Engines Summary
Virus signatures: 6772276
Archive plugins: 46
E-mail plugins: 6
Scan plugins: 14
System plugins: 5
Unpack plugins: 10
Basic
Scanned items: 553199
Infected items: 11
Suspect items: 0 (no suspected items have been detected)
Hidden items: 0 (the scan options do not include scanning for rootkits)
Resolved items: 11
Unresolved items: 0 (no issues remained unresolved)
Advanced
Scan time: 02:51:45
Files per second: 53
Skipped items: 92022
Password-protected items: 0
Over-compressed items: 0
Individual viruses found: 8
Scanned folders: 90738
Scanned boot sectors: 4
Scanned archives: 143
Input-output errors: 62
Scanned processes: 31
Infected processes: 0
Scanned registry keys: 1299
Infected registry keys: 0
Scanned cookies: 50
Infected cookies: 0
Resolved issues:
Object Path    Threat Name    Final Status
\Backup\Data\perso\mail\Orcas.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.0864A342 Deleted
\Backup\Data\perso\mail\Orcas.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.1EAE77EC Deleted
\Backup\Data\perso\mail\Orcas.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.1EAE77EC Deleted
\Backup\Data\perso\mail\Orcas.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.1EAE77EC Deleted
\Backup\Data\perso\mail\Orcas.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.1EAE77EC Deleted
\Backup\Data\perso\mail\Orcas.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.017EA260 Deleted
\Backup\Data\perso\mail\Orcas.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.A38AEFE4 Deleted
\Backup\Data\perso\mail\Orcas.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.1526C8D0 Deleted
\Backup\Data\perso\mail\STB.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.C8FEF63F Deleted
\Backup\Data\perso\mail\STB.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.3D155D9F Deleted
\Backup\Data\perso\mail\STB.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.F32C8F3F Deleted
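A triage aid for the question above, as an added example that is not part of the original post or of BitDefender's tooling: it parses "Resolved issues" rows in the text layout shown in this log, tallies them per PST file and per threat name, and cross-checks the tallies against the log's own "Infected items" and "Individual viruses found" counters. The sample input, its paths and its threat-name suffixes are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the same text layout as the log above;
# paths and threat-name suffixes are made up for illustration.
SAMPLE_LOG = r"""Infected items: 4
Individual viruses found: 3
Resolved issues:
\Backup\mail\A.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.00000001 Deleted
\Backup\mail\A.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.00000002 Deleted
\Backup\mail\A.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.00000002 Deleted
\Backup\mail\B.pst=>[subject: ******][From: ******]=>(body) Generic.Exploit.CVE_20.00000003 Deleted
"""

# Row layout: container=>item=>(part) threat-name final-status
ROW = re.compile(
    r"^(?P<container>.+?)=>(?P<item>.*)=>\((?P<part>[^)]*)\)\s+"
    r"(?P<threat>\S+)\s+(?P<status>\S.*)$"
)

def parse_rows(text):
    """Return one dict per detection row; non-row lines are ignored."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append(m.groupdict())
    return rows

def counter_value(text, label):
    """Read a 'Label: N' summary counter from the log, or None if absent."""
    m = re.search(r"^" + re.escape(label) + r":\s*(\d+)", text, re.MULTILINE)
    return int(m.group(1)) if m else None

def summarize(text):
    rows = parse_rows(text)
    by_threat = Counter(r["threat"] for r in rows)
    return {
        "rows": len(rows),
        "by_container": dict(Counter(r["container"] for r in rows)),
        "by_threat": dict(by_threat),
        # Rows where the scanner removed the item instead of only reporting it.
        "deleted": sum(r["status"].lower() == "deleted" for r in rows),
        # If these disagree, rows were lost or mis-parsed when the log was copied.
        "rows_match_infected": len(rows) == counter_value(text, "Infected items"),
        "names_match_individual":
            len(by_threat) == counter_value(text, "Individual viruses found"),
    }

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```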