Bitdefender Continously Showing Virus Alert For Same File.


Hello,


I have Bitdefender Total Security 2015 installed on a Win 8 x64 machine.


Since I restarted the computer after a BSOD (some bad pool header thing about which I am still searching), BitD has been constantly giving virus alerts. The BSOD has started occuring since the past few days; it occurs when I save a file from the net in Firefox, which is sandboxed (Sandboxie), and as soon as Sandboxie is supposed to give the Recover files dialog box, the BSOD occurs.


This time, when I restarted the computer, BitD started giving virus alerts, and it has been doing this since the past half hour, one per minute. It simply won't stop. The message is always the same:


The file \Device\HarddiskVolume3\Users\admin\AppData\Roaming\Microsoft Office\Microsoft Excel.WsF is infected with Trojan.VBS.UDX. The virus has been successfully blocked and your PC is safe. Please contact Bitdefender support for more information regarding the infection.


I looked into the folder mentioned by BitD, but it's empty.


I also looked in the Quarantine tab of BitD, but that's also empty.


What should I do? :(

Comments

  • Lionet
    Lionet
    edited April 2015
    Hello,


    I have Bitdefender Total Security 2015 installed on a Win 8 x64 machine.


    Since I restarted the computer after a BSOD (some bad pool header thing about which I am still searching), BitD has been constantly giving virus alerts. The BSOD has started occuring since the past few days; it occurs when I save a file from the net in Firefox, which is sandboxed (Sandboxie), and as soon as Sandboxie is supposed to give the Recover files dialog box, the BSOD occurs.


    This time, when I restarted the computer, BitD started giving virus alerts, and it has been doing this since the past half hour, one per minute. It simply won't stop. The message is always the same:


    The file \Device\HarddiskVolume3\Users\admin\AppData\Roaming\Microsoft Office\Microsoft Excel.WsF is infected with Trojan.VBS.UDX. The virus has been successfully blocked and your PC is safe. Please contact Bitdefender support for more information regarding the infection.


    I looked into the folder mentioned by BitD, but it's empty.


    I also looked in the Quarantine tab of BitD, but that's also empty.


    What should I do? :(


    Hi Bhargav,


    Welcome on the forum,


    I utterly dislike BSOD - it usually meant in the past I had to reformat the hard disk pretty soon.


    Which kind of file did you download from the internet? probably something nasty? Maybe the sandboxie has been losing its sand... and is no longer safe.


    Or it is a false alert?


    Check first your system is safe with a rescue disk ( downloaded and installed on a cd from a clean machine):


    rescue disk


    if your system is clean, you'd better reinstall Bitdefender then and check the result...


    install Bitdefender


    Regards,


    :)


    L.


  • Thanks for the reply.


    I think first I'll boot into Safe mode and run a scan. If it solves the problem, fine; if not, I'll reinstall BitD. The Rescue disc is an option, but it means downloading about 700 MBs of data, which is something I'd prefer not to do.


    Right now, while I'm writing this, BitD is still giving virus alerts; there are a total of 285 such alerts till now...


    I've made another thread at the Win 8 forum for the BSOD, for those who might face a similar problem in the future:


    http://www.eightforums.com/bsod-crashes-de...html#post492204


    :)

  • BhargavJ
    edited April 2015

    Just found something else:


    http://how-to-remove.us/remove-microsoft-e...n-vbs-agent-uf/


    http://www.en.usbfix.net/2014/03/infection...sb-peripherals/


    These webpages say the virus could have come from a USB drive which was connected to an infected computer earlier. Some time ago, I did connect my USB drive to a computer, and later at home, when I opened the drive, it showed only shortcuts, exactly as mentioned in these pages.


    These webpages suggest installing Bitdefender as one solution. But I already have Total Security installed!


    Second, they recommend downloading this small cleaning app:


    http://www.en.usbfix.net/download/usbfix/


    But can it be trusted? And will it clean all the infected files in my PC as well?


    Bitdefender has shown 445 alerts till now...


    Please help.

  • Lionet
    Lionet
    edited April 2015
    But can it be trusted? And will it clean all the infected files in my PC as well?


    I don't know this program.


    You could at least try Malwarebytes... but if your system is corrupted, it's a bit late.


    but it means downloading about 700 MBs of data, which is something I'd prefer not to do


    Why? do you have a very low internet speed? CD-Roms are quite chea.p nowadays...


    I appreciate BD rescue disc because two years ago it could scratch a very nasty malware on a friend's machine.


    Can't you send samples of suspected files to Bd labs?


    Good night,


    L.

  • I do have a low Internet speed connection.


    As for samples, the file that Bitdefender shows as infected doesn't show up in explorer at all. I opened Virus Total, and it asked me to upload the file I suspect of being infected, but when I navigated to that particular folder (users - admin - AppData - Roaming - Microsoft - Microsoft Office), there isn't any file there at all, so what do I upload?


    I downloaded the Kaspersky online scan thing, and it scanned the system, but it couldn't find this particular virus; it only gave alerts for autorun enabled and stuff like that. Maybe BitD is giving a false positive?


    BitD is still showing 1 alert per minute, its reached 486 alerts till now.


    I think I'll download Malwarebytes and scan for the time being.


    :)