Bitdefender Av 10 Fp--spywareblaster.exe?
PC been off for couple days, booted up last and with the latest BitDefender AV 10 updates, BD's Real-Time Protection removing spywareblaster.exe (v4.1):
spywareblaster.exe infected with Trojan.Agent.AIZM
Comments
-
Please attach the suspected files, or a link to the installation kit. (if you post a link, please write it in a TXT file, and attach that file. Please DON't write the link directly into your post).
Cris.0 -
Please attach the suspected files, or a link to the installation kit. (if you post a link, please write it in a TXT file, and attach that file. Please DON't write the link directly into your post).
Cris.
Ahh ... that brings up another point I forgot to include in my first post.
Cannot send the file since BD will delete the file from my system (does not put in Quarantine) without asking. I'm using the Default AV Shield settings (none set to "Delete file"):
Action to take when an infected file is found
First Action: Disinfect File
Second action: Deny access and continue
Action to take when an suspect file is found
First Action: Deny access and continue
Second action: Deny access and continue
However before posting, I tried a fresh download of SpywareBlaster 4.1 from download.com at:
'http://www.download.com/SpywareBlaster/3000-8022_4-10196637.html
Disabled Real-Time Protection and Antispyware to install. Shortly after enabling Real-Time Protection and Antispyware, will get BD pop-up saying "spywareblaster.exe infected with Trojan.Agent.AIZM" and BD will delete the file from system. When I go to "Events" and there's a "Critical", "Infected file detected" entry, double-click on the entry provides the same info as the pop-up but does not note anything about deleting the file.
Why is BD deleting the file from system without asking?
I also checked all the settings for the different System Scans and none them have the "Delete file" setting. They're either "Deny access and continue" or "Move to Quarantine"
Thanks,
Jon0 -
Hi, I'm having similar problems with spywareblaster ,on this pc bitdefender comes up with the same message about trojan.agent.AIMZ
disinfection failed, spywareBlaster moved
I'll post the logfile with it..
maybe best to uninstall and get rid of spywareblaster, and use another?
any ideas?
Ziggy0 -
... maybe best to uninstall and get rid of spywareblaster, and use another?
any ideas? ...
Not SpywareBlaster's fault its just another FP by BD.
Not aware of any other utility exactly like SpywareBlaster -- there are other programs (e.g., Spybot S&D) that provide similar features of SpywareBlaster.0 -
Same problem here, it is definitely a FP, please fix it since spywareblaster is a very recognized and safe program with very good reputation.
0 -
PC been off for couple days, booted up last and with the latest BitDefender AV 10 updates, BD's Real-Time Protection removing spywareblaster.exe (v4.1):
spywareblaster.exe infected with Trojan.Agent.AIZM
Right, I have been using spywareblaster for many years and know it is fully reliable apps. I have submitted this issue to Contact US. As Microsoft also recognized it that Windows Defender detected it as trojan and they immediately updated its signature file so WD users have no more issue. Please revise BD definition file to move it whitelist asap.
thanks0 -
Hi,
Definitely same problem here.
I tried download spywareblaster from many source. All the same alarm - infected by Trojan.
So, I suppose the upcoming update will rectify this problem?
Spywareblaster is a very good program. I feel something missing not having it installed.0 -
I woke up this morning to find that BitDefender had deleted the main exe of this program during a scheduled, claiming that it was a trojan. The details:
File Detected/Deleted: C:\Program Files\SpywareBlaster\spywareblaster.exe
Detection Name: Trojan.Agent.AIZM
You can download the program and check it out for yourselves:
http://www.javacoolsoftware.com/sbdownload.html
It's most definitely a False Positive.0 -
Hi there,
Yesterday BitDefender picked up the file "SpywareBlaster.exe" as a Trojan.Agent.AIZM in C:\Program Files\SpywareBlaster\Spywareblaster.exe
SpywareBlaster is a legitimate security program. After the initial detection, I was unable to even access it and had to uninstall completely. Why did BitDefender pick this file up as a trojan?0 -
>>> spywareblaster.exe infected with Trojan.Agent.AIZM
hmmm... BD never detected it before!?!
Who do we contact to report this as a problem?0 -
Hello everyone,
The problem is already reported and the fix should be released in one of the next updates.
Cris.0 -
Detection was removed. Thanks to everyone for reporting it.
Cris.0 -
Detection was removed. Thanks to everyone for reporting it.
Cris.
Thanks to you Chris0 -
Hello everyone,
The problem is already reported and the fix should be released in one of the next updates.
Cris.
Was the "fix" just to the "Detection was removed"?
What about DB deleting the file from the system even though none of the Real-time or System Scan settings are set to "Delete file" when a infection is detected/suspected?
I do not want BD (or any AV) to be deleting files from my system without asking first.
If there's no settings available to prevent DB deleting files from my system without asking first, I be deleting BD from my system and switching to another AV ASAP.0 -
Was the "fix" just to the "Detection was removed"?
What about DB deleting the file from the system even though none of the Real-time or System Scan settings are set to "Delete file" when a infection is detected/suspected?
I do not want BD (or any AV) to be deleting files from my system without asking first.
If there's no settings available to prevent DB deleting files from my system without asking first, I be deleting BD from my system and switching to another AV ASAP.
YOu are wrong.
You can change the settings of BD for move to quarantine the infected or suspicious files.
When BD detects any threat,alert you by a popup and you have the option of delete or restore the suspicious file.
Goodbye0 -
Hello Jon_T,
Before I explain what happened to you, I have to explain a few things about how things are done.
When you set BD to Delete a found threat, BD will delete only the found file (it will just apply a simple delete command on it).
On the other hand, when you set BD to Disinfect an infection, it will call a disinfection routine specific for the found infection (which includes, if needed, deleting auxiliary files, cleaning registry keys, undo-ing changes to the system and other things like that). Most times, the cleaning routine involves deletion of the found file, and the only exception from this is when a FILE INFECTOR infected a file (and that infection can, sometimes, be cleaned without actually deleting the host-file). In other words, Disinfect doesn't mean that it disinfects the file, it means it disinfects the system (and that means also deleting the threats).
Because the FP was included in the Trojan category, the disinfection routine involves deletion and that's why the file was deleted from your computer without prompt.
If you want to prevent this behavior, the solution is simple: instead of Disinfect you can set BitDefender to:
- either Move to quarantine
- or Deny access and continue, which will leave the file where it is, but block all access to it, allowing you to make a manual scan over it and take the necessary action.
Also, I suggest you to change the actions for the OnDemand scans as suggested above.
Cris.0 -
YOu are wrong.
You can change the settings of BD for move to quarantine the infected or suspicious files.
When BD detects any threat,alert you by a popup and you have the option of delete or restore the suspicious file.
Goodbye
If you read my previous post you've know I've verified that NONE of the Real-time or the System Scan settings are set to "Delete file" when a infection is detected/suspected. ... settings are to "Deny access and continue" or "Move to file to quarantine" if unable to "Disinfect". (i.e., default settings)0 -
Hello Jon_T,
Before I explain what happened to you, I have to explain a few things about how things are done. ...
Chris,
They need to provide the info you did on how "Disinfect file" works in the Help file which does not note it will delete files. Help only has "Disinfects the infected file".
Hence, based info in Help file and the settings outline structure (and using other AVs) is if DB unable to Disinfect file then the "Second action" will take place.
Based on your description on how "Disinfect file" works, the "Second action" will most likely will not be a second action.
Thanks,
Jon
Edit:
BTW does BD 2008 work the same way? Still using BD 10 because really do not care for BD 2008's dumb down GUI.0