BD10 False Alert + Vista Help

jiggyup
edited May 2007 in Malware talk

I recently installed Adobe Flash Player and soon after BD was giving me alerts saying that a few files from the directory (C:\Windows\System32\Macromed) are suspicious. Is this legit? Either way, can I get rid of these files?


Furthermore, I tried deleting them but Vista will not allow me access. I then tried to change the access to the files but it won't let me do it even as administrator (wtf)?


Kwang

Comments

  • Hi kwangk


    In the meantime you can exclude the folder macromedia from being scanned. Open BitDefender, go to Antivirus, Shield, Adjusted level, choose to exclude this path on all levels, add new item and then browse to C:\Windows\System32\Macromed. But it will be marked as infected during an on-demand scan. You have to wait until one of the virus researchers answers here and removes the signatures.


    Regards


    Niels

  • Please upload the files here and I'll have a look at them.

  • Please upload the files here and I'll have a look at them.


    When trying to upload I run into two specific problems:


    - When I upload Install.exe it says "Error Upload failed. You are not permitted to upload this type of file" on the website. Furthermore, I am not sure if it is the correct file because in the scan it says C:\Windows\System32\Macromed\Download\Install.exe is okay,


    but "C:\Windows\System32\Macromed\Download\Install.exe=>(NSIS o)=lzma_nsis0001" is suspected as Trojan.Downloader.Gen


    - Second problem is when I try to upload Download.exe. Vista gives me an error saying I don't have permission to the file.


    Kwang

  • Hi kwangk


    If you compress the installer with WinZip or any other compression tool, then normally you can upload it and attach it to your next reply. But you may not exceed the upload limit.


    I don't use Vista, but see if you can raise your rights. But I don't know where in Vista you can change that.


    Regards


    Niels

  • That is the file I need; as Niels said, to upload it here you need to archive it with the password 'infected'. If it's too big to be uploaded here, send it to virus_submission@bitdefender.com and put 'for_vlad' in the subject line (you have to archive it with a password to send it by email too).