Gen:variant.graftor.162054 Is This A False Positive?
Hi
My wife purchased a CD called charismatic cats which features pictures of cats to use on greeting cards
When inserted Bitdefender picks up this
\CATS (1)\autorun.exe Gen:Variant.Graftor.162054 Moved to Quarantine
\CATS (6)\autorun.exe Gen:Variant.Graftor.162054 Moved to Quarantine
\CATS (2)\autorun.exe Gen:Variant.Graftor.162054 Moved to Quarantine
\CATS (3)\autorun.exe Gen:Variant.Graftor.162054 Moved to Quarantine
\CATS (4)\autorun.exe Gen:Variant.Graftor.162054 Moved to Quarantine
\CATS (5)\autorun.exe Gen:Variant.Graftor.162054 Moved to Quarantine
\CATS (7)\autorun.exe Gen:Variant.Graftor.162054 Moved to Quarantine
It was purchased from a trustworthy source is this a false positive possibly?
Thanks
Paul
Comments
-
Hi
My wife purchased a CD called charismatic cats which features pictures of cats to use on greeting cards
...\CATS (1)\autorun.exe Gen:Variant.Graftor.162054 Moved to Quarantine
...
It was purchased from a trustworthy source is this a false positive possibly?
...
When in doubt, I suggest you check any suspicious file with VirusTotal's free online service*. If after that you believe to have found a false positive, please submit it to Bitdefender's automatic sample uploader (you may follow the link on the top of this forum).
--
p.s. Bitdefender Antivirus Free Editions renames quarantined files adding an extension of the form .######.gzquar (where each # is a digit) and blocks its access on the file system. How are files in removable non-writable media quarantined (i.e., CDs or DVDs)? Are the simply blocked? Is the quarantined file remembered when the media is removed?
__________________
*You will not be able to upload a quarantined file to VitusTotal. You will need to restore the file before doing that for that (be careful!). You may want to block it again after you are submit it.0 -
...
I suggest you check any suspicious file with VirusTotal's
...
I just noticed there was already a submission to VirusTotal of a file that may very well be the same as yours*. Eight (8) out of fifty-four (54) different antivirus engines (including Bitdefender) detected Gen:Variant.Graftor.162054 or alike but the remaining forty-six (46) did not detect any problem. It may very well be a false positive yet there is a chance a majority of scanners were missing something. I suggest you should submit the file to Bitdefender as a false positive. Just be aware Bitdefender's expert analysis may prove otherwise.
--
____________________________________
*Ths result identification has:
File name: AutoPlay Menu Loader or autorun.exe or Samples.exe
MD5: b54f70f22d62c1110bc6769e8543794d
SHA1: e24d9088cbcd90919a6e227447a32129f191a125
SHA256: c3c5c55f6b0d7cf87c011bd1cdee0b80f4c91fdab831ba00927bf9d7d4ed221f
File size: 1.8 MB ( 1908805 bytes )
Analysis date: 2014-11-11 00:15:40 UTC ( 3 weeks, 5 days ago )0 -
I just noticed there was already a submission to VirusTotal of a file that may very well be the same as yours*. Eight (8) out of fifty-four (54) different antivirus engines (including Bitdefender) detected Gen:Variant.Graftor.162054 or alike but the remaining forty-six (46) did not detect any problem. It may very well be a false positive yet there is a chance a majority of scanners were missing something. I suggest you should submit the file to Bitdefender as a false positive. Just be aware Bitdefender's expert analysis may prove otherwise.
--
____________________________________
*Ths result identification has:
File name: AutoPlay Menu Loader or autorun.exe or Samples.exe
MD5: b54f70f22d62c1110bc6769e8543794d
SHA1: e24d9088cbcd90919a6e227447a32129f191a125
SHA256: c3c5c55f6b0d7cf87c011bd1cdee0b80f4c91fdab831ba00927bf9d7d4ed221f
File size: 1.8 MB ( 1908805 bytes )
Analysis date: 2014-11-11 00:15:40 UTC ( 3 weeks, 5 days ago )
Thanks for the reply I will submit a sample file as advised0
