Can Bitdefender find Trojans before they are triggered?

When I first installed Bitdefender I ran a full system scan. No Trojans or Malware were found. I had previously been using Norton AV. Every day I got a notice from Bitdefender that my system was clean, but when I ran another full system scan, Bitdefender found 44 Trojans. After the scan I looked through the log and noticed a few patterns. One, all of the infected files had been on my computer, unopened, since 2008 to 2009. Two, all of the files were articles from major news sites that I had downloaded. Three, all of these articles had keywords in their titles related to money, accounts, stocks, WSJ, bonds, etc. Have these Trojans been lying dormant on my computer for over 10 years? If so, why was Bitdefender not able to find them when I first made a full system scan?

Answers

  • Hello @TriodeV8 and welcome to the Community!

    Short answer, yes, Bitdefender can find Trojans before they are triggered. In regards to the issue you have described, I doubt they were "triggered". There are a few possibilities:

    • those sound like e-mails. Maybe they weren't downloaded locally until the scan that detected them.
    • maybe we didn't have detection for those particular files (VERY unlikely if they're that old. More likely to be a false positive, if that is indeed the case).
    • maybe they were previously not scanned for some reason (password protected, or they're no longer password protected).

    I'm not 100% sure we're talking about e-mails here and I don't really understand what kind of files they are. Are those downloaded articles? Are they pdfs/docs by any chance?

    Best regards.

    Premium Security & Bitdefender Endpoint Security Tools user

  • Greetings Alexandru,

    And thanks for your reply. The trojans were all found in articles I had downloaded from the internet years ago. They have all been sitting on my hard drive since then, unopened, so they have been (presumably) scanned multiple times since then by Norton and by Bitdefender.

    Most if not all of these articles were downloaded as HTML or MHT files from legitimate high-profile news sites. All of the articles have as their subject something to do with money.

    None of the articles was password protected. I’m attaching my scan log.

    Thanks again.


  • You would have to submit the files to BD for them to really know, could be false positives.

  • All the files are flagged as Trojan.Cryxos.8234.

    Since it was over a 3 to 4 month period, Possible an infected browser back in the day maybe.

    Still could be a false positive.


    Cryxos Trojans display deceptive alerts/notifications on compromised or malicious websites. The notifications claim that the user's computer is infected with a virus (or viruses), is blocked, and some personal details have been stolen. In most cases, users are encouraged to solve the problem by calling scammers via the telephone number provided.

    Generally, Cryxos Trojans display messages that are disguised as legitimate notifications from Microsoft, however, this company has nothing to do with these technical support scams. Do not trust these scams and remove Cryxos from the operating system immediately.

  • I don't think it was a false positive. More likely an infected browser. I actually got one of these deceptive alerts disguised as a Microsoft Defender notice. It appeared on a website I recently visited. That prompted me to do a more thorough search. I found the same Cryxos Trojans on my backup files.

    My main concern is, why did it take more than 10 years for an antivirus product to detect these dormant trojans.