Bitdefender Av 10 Fp--spywareblaster.exe?

JTMBDF

PC been off for couple days, booted up last and with the latest BitDefender AV 10 updates, BD's Real-Time Protection removing spywareblaster.exe (v4.1):

spywareblaster.exe infected with Trojan.Agent.AIZM

alexcrist

Please attach the suspected files, or a link to the installation kit. (if you post a link, please write it in a TXT file, and attach that file. Please DON't write the link directly into your post).

Cris.

JTMBDF

Please attach the suspected files, or a link to the installation kit. (if you post a link, please write it in a TXT file, and attach that file. Please DON't write the link directly into your post).

Cris.

Ahh ... that brings up another point I forgot to include in my first post.

Cannot send the file since BD will delete the file from my system (does not put in Quarantine) without asking. I'm using the Default AV Shield settings (none set to "Delete file"):

Action to take when an infected file is found

First Action: Disinfect File

Second action: Deny access and continue

Action to take when an suspect file is found

First Action: Deny access and continue

Second action: Deny access and continue

However before posting, I tried a fresh download of SpywareBlaster 4.1 from download.com at:

'http://www.download.com/SpywareBlaster/3000-8022_4-10196637.html

Disabled Real-Time Protection and Antispyware to install. Shortly after enabling Real-Time Protection and Antispyware, will get BD pop-up saying "spywareblaster.exe infected with Trojan.Agent.AIZM" and BD will delete the file from system. When I go to "Events" and there's a "Critical", "Infected file detected" entry, double-click on the entry provides the same info as the pop-up but does not note anything about deleting the file.

Why is BD deleting the file from system without asking?

I also checked all the settings for the different System Scans and none them have the "Delete file" setting. They're either "Deny access and continue" or "Move to Quarantine"

Thanks,

Jon

3dziggy

Hi, I'm having similar problems with spywareblaster ,on this pc bitdefender comes up with the same message about trojan.agent.AIMZ

disinfection failed, spywareBlaster moved

I'll post the logfile with it..

maybe best to uninstall and get rid of spywareblaster, and use another?

any ideas?

Ziggy

/applications/core/interface/file/attachment.php?id=2329" data-fileid="2329" rel="">BD_208_06_29_001__1214694002.log

JTMBDF

... maybe best to uninstall and get rid of spywareblaster, and use another?

any ideas? ...

Not SpywareBlaster's fault its just another FP by BD.

Not aware of any other utility exactly like SpywareBlaster -- there are other programs (e.g., Spybot S&D) that provide similar features of SpywareBlaster.

Diazruanova

Same problem here, it is definitely a FP, please fix it since spywareblaster is a very recognized and safe program with very good reputation.

hiroalbertson@yahoo.co.jp

PC been off for couple days, booted up last and with the latest BitDefender AV 10 updates, BD's Real-Time Protection removing spywareblaster.exe (v4.1):

spywareblaster.exe infected with Trojan.Agent.AIZM

Right, I have been using spywareblaster for many years and know it is fully reliable apps. I have submitted this issue to Contact US. As Microsoft also recognized it that Windows Defender detected it as trojan and they immediately updated its signature file so WD users have no more issue. Please revise BD definition file to move it whitelist asap.

thanks

kerolbitdefender

Hi,

Definitely same problem here.

I tried download spywareblaster from many source. All the same alarm - infected by Trojan.

So, I suppose the upcoming update will rectify this problem?

Spywareblaster is a very good program. I feel something missing not having it installed.

Paddy

I woke up this morning to find that BitDefender had deleted the main exe of this program during a scheduled, claiming that it was a trojan. The details:

File Detected/Deleted: C:\Program Files\SpywareBlaster\spywareblaster.exe

Detection Name: Trojan.Agent.AIZM

You can download the program and check it out for yourselves:

http://www.javacoolsoftware.com/sbdownload.html

It's most definitely a False Positive.

Greatbigmouth

Hi there,

Yesterday BitDefender picked up the file "SpywareBlaster.exe" as a Trojan.Agent.AIZM in C:\Program Files\SpywareBlaster\Spywareblaster.exe

SpywareBlaster is a legitimate security program. After the initial detection, I was unable to even access it and had to uninstall completely. Why did BitDefender pick this file up as a trojan?

dfn123

>>> spywareblaster.exe infected with Trojan.Agent.AIZM

hmmm... BD never detected it before!?!

Who do we contact to report this as a problem?

alexcrist

Hello everyone,

The problem is already reported and the fix should be released in one of the next updates.

Cris.

alexcrist

Detection was removed. Thanks to everyone for reporting it.

Cris.

Diazruanova

Detection was removed. Thanks to everyone for reporting it.

Cris.

Thanks to you Chris

JTMBDF

Hello everyone,

The problem is already reported and the fix should be released in one of the next updates.

Cris.

Was the "fix" just to the "Detection was removed"?

What about DB deleting the file from the system even though none of the Real-time or System Scan settings are set to "Delete file" when a infection is detected/suspected?

I do not want BD (or any AV) to be deleting files from my system without asking first.

If there's no settings available to prevent DB deleting files from my system without asking first, I be deleting BD from my system and switching to another AV ASAP.

matabufalez

Was the "fix" just to the "Detection was removed"?

What about DB deleting the file from the system even though none of the Real-time or System Scan settings are set to "Delete file" when a infection is detected/suspected?

I do not want BD (or any AV) to be deleting files from my system without asking first.

If there's no settings available to prevent DB deleting files from my system without asking first, I be deleting BD from my system and switching to another AV ASAP.

YOu are wrong.

You can change the settings of BD for move to quarantine the infected or suspicious files.

When BD detects any threat,alert you by a popup and you have the option of delete or restore the suspicious file.

Goodbye

alexcrist

Hello Jon_T,

Before I explain what happened to you, I have to explain a few things about how things are done.

When you set BD to Delete a found threat, BD will delete only the found file (it will just apply a simple delete command on it).

On the other hand, when you set BD to Disinfect an infection, it will call a disinfection routine specific for the found infection (which includes, if needed, deleting auxiliary files, cleaning registry keys, undo-ing changes to the system and other things like that). Most times, the cleaning routine involves deletion of the found file, and the only exception from this is when a FILE INFECTOR infected a file (and that infection can, sometimes, be cleaned without actually deleting the host-file). In other words, Disinfect doesn't mean that it disinfects the file, it means it disinfects the system (and that means also deleting the threats).

Because the FP was included in the Trojan category, the disinfection routine involves deletion and that's why the file was deleted from your computer without prompt.

If you want to prevent this behavior, the solution is simple: instead of Disinfect you can set BitDefender to:

- either Move to quarantine

- or Deny access and continue, which will leave the file where it is, but block all access to it, allowing you to make a manual scan over it and take the necessary action.

Also, I suggest you to change the actions for the OnDemand scans as suggested above.

Cris.

JTMBDF

YOu are wrong.

You can change the settings of BD for move to quarantine the infected or suspicious files.

When BD detects any threat,alert you by a popup and you have the option of delete or restore the suspicious file.

Goodbye

If you read my previous post you've know I've verified that NONE of the Real-time or the System Scan settings are set to "Delete file" when a infection is detected/suspected. ... settings are to "Deny access and continue" or "Move to file to quarantine" if unable to "Disinfect". (i.e., default settings)

JTMBDF

Hello Jon_T,

Before I explain what happened to you, I have to explain a few things about how things are done. ...

Chris,

They need to provide the info you did on how "Disinfect file" works in the Help file which does not note it will delete files. Help only has "Disinfects the infected file".

Hence, based info in Help file and the settings outline structure (and using other AVs) is if DB unable to Disinfect file then the "Second action" will take place.

Based on your description on how "Disinfect file" works, the "Second action" will most likely will not be a second action.

Thanks,

Jon

Edit:

BTW does BD 2008 work the same way? Still using BD 10 because really do not care for BD 2008's dumb down GUI.