Intrusion Detection Of Firewall Detects Potentially Malicious Process But The Process Is Blank.

edited January 2012 in Firewall

In the Bitdefender window -> Events -> Firewall, under the Intrusion Detection tab, there was an entry: "Potentially malicious process detected", but in the Event Details the Process field is blank (no program name, as other entries had). This happens at every startup. How can we know what process it was?


(This post might be in Bitdefender 2012 Products as I have upgraded to Bitdefender Internet Security 2012.)

Comments

  • edited January 2012

    The “Potentially malicious process” entries were detected on January 5, 6, 7 2012, with no entry before and no entry after those dates. Why? (I did not install or uninstall anything and did not add or remove any startup item).


    When I checked Intrusion Detection again today, the list is empty! Why? (I have not deleted any entry)

  • That mysterious malicious process recurred on Jan 22 2012 at 09:01:46

  • Hello :)


    I need some logs to further investigate this issue.


    Please follow the steps explained in the article below and send me via PM the generated log file:


    http://forum.bitdefender.com/index.php?showtopic=29927


    If you were already asked to generate the log file, disregard the message above and just post the ticket ID.


    Thank you.

  • That mysterious malicious process recurred again on 16 February 2012 9:28:28


    The Intrusion Detection list is automatically cleared every few days (I do not delete anything). Why?

  • Hello :)


    Could you please send me a screenshot?


    I have received your logs.


    Thank you.

  • The Intrusion Detection list is automatically cleared every few days (I have never deleted anything). Why?


  • Similar to the issue posted here.

  • edited February 2012

    Hello :)


    The Event module can store up to a few hundreds of history notes.


    In your case, it can be corrupt or it has reached the maximum threshold and they were all cleared.


    Thank you.

  • Hello :)


    The Event module can store up to a few hundreds of history notes.


    In your case, it can be corrupt or it has reached the maximum threshold and they were all cleared.


    Thank you.


    There were less than 10 entries of Intrusion Detection Event, less than 20 entries of Network Map Event (the list was not automatically cleared), less than 20 entries of Update Event (the list was not automatically cleared).


    The total sum of entries of all categories was less than 50 entries and only the list of Intrusion Detection Event was automatically cleared while the others were not.

  • Hello :)


    A product update was released. Your build should be 15.0.37.1560 (please right-click on the Bitdefender icon in the system tray, near the clock, and choose "About". You should see the build number on the left side).


    In order for the product update to be installed, you need to reboot your machine (you should see "Reboot required" in the Events, under the Update module).


    Changelog:


    http://forum.bitdefender.com/index.php?showtopic=28172


    Let me know if the situation is solved. Have a nice day.

  • Hello. I have a problem.


    I have Total Security 2014.


    I want to use an English dictionary.


    I installed Babylon. All versions give me the alert "potentially malicious process" and say this program may harm the system.


    And also the Lingoes dictionary.


    And Nero 7 also has a lot of potentially malicious processes.


    I don't know what to do.


    Please help. Can I allow these programs?

