EICAR Exclusion?


I just installed the most recent Free version and ran a scan of my entire machine.  And it found several occurrences of EICAR in my old email files where I had mailed it to a computer I was testing back in 2003.  Fine, I'm impressed it found them in my old sent mail, however...


How do I get Bitdefender to stop treating them as red flag system threats?  I told it to tag all 5 occurences as "ignore" which it did temporarily.  After a reboot however they're back as red flag events with no way to tell it to ignore them now.  So I went into the old mail file and deleted the EICAR.com file attachment from it.  Rescanning that file still says it's got an EICAR infection with no way to ignore it or manually add it to some exclusion list.  Yet Bitdefender has also not quarantined what it apparently thinks is an existential threat.


What's the deal?  Bitdefender should recognize on its own that EICAR is not a system threat.  Just letting me know it found it is comforting, but continuing to highlight it as a red flag threat is not helpful.


(Oh, and for bonus points I have the same system image on a backup computer and the same Bitdefender does not even flag the existence of EICAR on that one, let alone make a fuss over it.  Win7 on both.)


 


 

Comments


  • So I found an ugly way to work around this.  I had to go into the data files for my email program (Thunderbird) with a system editor.  In there I found a few references such as "Eicar.com moved to Trash" from when I was working to fix this earlier.  Apparently referencing that name alone sets off Bitdefender even without the actual virus file present -- (I had long ago deleted and scrubbed the Trash file).   I crossed my fingers and erased all such references and apparently the Thunderbird data base system still works.  And now Bitdefender no longer red flags the file.


    This seems like a lot more effort and system knowledge required to stop flagging an Eicar file (or reference even) than should be required when Bitdefender knows Eicar is not a threat in the first place.