Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/

Thank you for your understanding.

Backdoor.Bifrose.ADR : false positive ?

Options
vladim
vladim
in Malware talk

Hello,


i bought un new computer two days ago with windows vista premium and i installed bitdefender antivirus plus v10 today.


i have launch a deep scan and BD found a backdoor "Backdoor.Bifrose.ADR" in the file "wextract.exe" in the system32 directory.


this file seem to be included with vista.


Is there a method ton control if the file is infected or not ?


Thanks :rolleyes:


Vladim


P.S: i'm french thus excuse me if my english is not good :unsure:

Comments

  • Unknown
    Unknown
    Options

    Hello and welcome,


    Just browsed on the internet and saw that many antiviruses detect this but its a false positive, so the best you can do now is to upload the file on http://virusscan.jotti.org/ and see what it says.


    So i think monday the file will be registered in our database and it will not prompt you that it is a virus,till then you can except the file from scanning.


    I think you have the french version so i put you a link to the documentation in french http://download.bitdefender.com/windows/de...s_v10_guide.pdf .


    You'll find the informations you need on page 59 , it says :


    "Exclure le chemin de l'analyse


    (appliqué à TOUS LES NIVEAUX)"


    Tell me how it went.


    Regards

  • vladim
    vladim
    Options

    I sent the file on the jotti website et it said :


    "


    File: wextract.exe


    Status: POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)


    "


    Bitdefender is the only to find something in this file (BitDefender Found Backdoor.Bifrose.ADR )


    Others antivirus found nothing...


    the probability of false positive seem to be high... it s a good news ;)


    Thank you very much for your help


    vladim

  • Unknown
    Unknown
    Options

    I'm happy i could help you, probably monday this problem will be solved.


    Regards

  • vlad
    vlad
    Options

    Whenever reporting a false positive, please also submit the "guilty" file; it is otherwise impossible to do anything about it. And whenever you submit possible malware samples through _any_ channel, make sure you send them as an archive with the password infected (if you send them unencrypted, antivirus software along the way might delete the files or block them).

All Time Leaders

Categories

Defenders of the month