System Infected On Quickscan But Not System Scan

Hi. My computer is usualy always updated on every level and everything is fine. I did a system scan and an even more complete scan and no sign of infection. WHEN I RUN A QUICKSCAN there are 2 infections unresolved : C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe AND C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe .


Both are Gen:Variant.Barys.120 . I googled both of these and it says its NOT a virus or trojan or spyware.


So my question is : ######. And why it says my system is infected ONLY with the quickscan. ?

Comments

  • littlemojopuppy
    edited January 2015

    Bitdefender is reporting the exact same thing for me...quick scan reports infection, system scan does not. Log is attached and I submitted the two files in question for review to BD

    /applications/core/interface/file/attachment.php?id=13465" data-fileid="13465" rel="">1420383928_1_03.xml

  • Bitdefender is reporting the exact same thing for me...quick scan reports infection, system scan does not. Log is attached and I submitted the two files in question for review to BD


    Also...the quick scan reporting the infection is not listed in the antivirus events (as if it never occurred). Very strange.

  • Also...the quick scan reporting the infection is not listed in the antivirus events (as if it never occurred). Very strange.


    Same thing, not listed in antivirus events

  • No evidence on my W7 that CCC.exe Ver 3.5.0.0 292KB Dated 1/25/12 or MOM.exe Ver 2.0.0.0 292KB dated 1/25/2012 are infected. Ran a Contextual Scan of the CORE-Static folder and which contains those two files and the scan came up clean. A Quick Scan also came up clean


    BDIS 2015 18.20.0.1429 last updated today.


    W7-SP1

  • No evidence on my W7 that CCC.exe Ver 3.5.0.0 292KB Dated 1/25/12 or MOM.exe Ver 2.0.0.0 292KB dated 1/25/2012 are infected. Ran a Contextual Scan of the CORE-Static folder and which contains those two files and the scan came up clean. A Quick Scan also came up clean


    BDIS 2015 18.20.0.1429 last updated today.


    W7-SP1


    Ran a contextual scan too... ended up clear for core static folder but quick scan ended with infected files

  • Ran a contextual scan too... ended up clear for core static folder but quick scan ended with infected files


    I see exactly the same thing.


    Quick Scan reports my system to be infected - same 2 files in same ATI folder.


    The quick scan does not appear in the events log.


    System scan and contextual scan indicate system to be clean, and are listed in events log.


    Running windows 7 64 bit O/S.

  • I just erased all my hard disk and now I HAVE AGAIN those 2 ''malwares'' Its your problem bitdefender so hurry up and do something...

  • I just erased all my hard disk and now I HAVE AGAIN those 2 ''malwares'' Its your problem bitdefender so hurry up and do something...


    People rarely post if they are not having what appears to them to be a problem. As I posted above my scans came up clean. I wonder what the file versions, dates and file sizes of if those that say that BD is finding a problem are.


    ATI has been known to have bad updates in the past and not just one or two of them.


    I would be interested to see someone who is having the problem post the file version, date and file size of the each of the files. Thanks

  • There is a known synchronization issue that happens for some files in QuickScan, as they are scanned separately. It's still being investigated.


    In the meantime, I believe at least one of those was corrected.


    If you are still seeing a detection, please provide an MD5 or SHA hash for the files, so I can have them rechecked. (or a link from VirusTotal or similar, if you are having trouble)


    While you may have submitted the files for review, without them being detected or a hash it would be very hard for me to find them.

  • There is a known synchronization issue that happens for some files in QuickScan, as they are scanned separately. It's still being investigated.


    In the meantime, I believe at least one of those was corrected.


    If you are still seeing a detection, please provide an MD5 or SHA hash for the files, so I can have them rechecked. (or a link from VirusTotal or similar, if you are having trouble)


    While you may have submitted the files for review, without them being detected or a hash it would be very hard for me to find them.


    how MD5 ... SHA.... what is this. how to do it

  • Just head over to VirusTotal, click "Choose File" and select a file showing up in the log, then press Scan It!.


    Both files will probably already be there, and you can skip re-analysis, if asked. Just provide the links to the pages.

  • Just head over to VirusTotal, click "Choose File" and select a file showing up in the log, then press Scan It!.


    Both files will probably already be there, and you can skip re-analysis, if asked. Just provide the links to the pages.


    SHA256: 11b1ed16eb42ffb68bfad074f2cf468327b6d579834abcc63ba23ab2c373a7fa


    File name: 1420480193_3_03.xml I did it


    https://www.virustotal.com/en/file/11b1ed16...sis/1420489777/

  • MD5 6047178520f889995f933187d2abc2af


    SHA1 e4dd49b7d2ef592dc4e4dd0d94d2568212da5e58


    quickscan always detect this as a malware the first time

  • I'm sorry I wasn't very clear in my explanation. The files for which I would like hashes are those shown IN the log.


    From your PM submission:


    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe


    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


    Please provide the hashes or links for these two.

  • I'm sorry I wasn't very clear in my explanation. The files for which I would like hashes are those shown IN the log.


    From your PM submission:


    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe


    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


    Please provide the hashes or links for these two.


    First one : C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe LINK: https://www.virustotal.com/en/file/e293559e...sis/1420495399/


    Second one : C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe LINK : https://www.virustotal.com/en/file/bd27cf59...sis/1420495698/

  • Thank you. I'll post back when I have something.

  • Thank you. I'll post back when I have something.


    Thank you for your help I appreciate .

  • looks lile the quickscan is ok... did you already make a change?

  • Changes were done soon afterwards, but colleagues forgot to reply. I only got an email today:)


    Happy it was fixed in time.