Bitdefender flags anypia from S.S. as having Trojan??

I tried to download the anypia32z.exe file from Social Security as I have done before. This is the 2022.2 version. When it downloads and I click to install, Bitdefender flags it with the following info: trojan.generickd.49255900

Then it quarantines it and I can then delete it.

Why is it doing this? Surely the Social Security file does not have a trojan? I am surprised that I don't find anyone on the internet having the same problem. Any help on this?

Answers

  • Flexx (mod)
    edited July 2022

    Below is the VirusTotal link for the respective file. The detection seems to be a false negative (incorrectly detected).

    https://www.virustotal.com/gui/file/410e6acc651082dd4119121bd738dd1413240e7468a0a4aebc84f6df076ea78c

    The fastest way would be if @Mike_BD can share the VirusTotal link/hash of the file directly with the malware researchers in order to get the detection removed.

    Additionally, I have also shared the file with malware researchers to get it reanalyzed. It may take some time to get an update on this.

    Until the file is reanalyzed by the malware researchers, you can try disabling the real-time protection in Bitdefender (https://www.bitdefender.com/consumer/support/answer/28557/), setting the file as an exclusion (https://www.bitdefender.com/consumer/support/answer/13427/), and then re-enabling the real-time protection.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)
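
A check that fits the advice above, as an added example that is not part of the original thread: before excluding a file, confirm that the copy on disk is the exact file the VirusTotal report describes, and look at its Authenticode signature. The download path is an assumption; the expected SHA-256 is the one in the VirusTotal URL quoted in the answer.

```powershell
# Added example (not from the thread): compare a downloaded installer with the
# SHA-256 from a VirusTotal report and show its Authenticode signature state.
param(
    # Assumption: default browser download folder; pass -Path if yours differs.
    [string]$Path = (Join-Path $env:USERPROFILE 'Downloads\anypia32z.exe'),
    # SHA-256 taken from the VirusTotal URL quoted in the thread.
    [string]$ExpectedSha256 = '410e6acc651082dd4119121bd738dd1413240e7468a0a4aebc84f6df076ea78c'
)

function Test-DownloadMatchesReport {
    param([string]$Path, [string]$ExpectedSha256)

    # A file the antivirus has already quarantined is no longer at this path.
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path (it may have been quarantined)."
    }

    $actual = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    $sig    = Get-AuthenticodeSignature -LiteralPath $Path

    [pscustomobject]@{
        Path            = $Path
        Sha256          = $actual.ToLowerInvariant()
        # -ieq compares case-insensitively (Get-FileHash returns upper-case hex).
        HashMatches     = ($actual -ieq $ExpectedSha256)
        # Valid, NotSigned, HashMismatch, UnknownError, ...
        SignatureStatus = $sig.Status
        Signer          = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
    }
}

$result = Test-DownloadMatchesReport -Path $Path -ExpectedSha256 $ExpectedSha256
$result | Format-List

if (-not $result.HashMatches) {
    # A mismatch does not prove the file is malicious; it only means the
    # report linked in the thread describes a different file than this one.
    Write-Warning 'SHA-256 differs from the reported hash: the VirusTotal result does not apply to this copy.'
}
```

A newer or re-issued download will have a different hash, so a mismatch means the linked report says nothing about that copy and it needs its own analysis before any exclusion is set.
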

  • So, you are thinking it would be safe to exclude this file from Bitdefender? Which would mean when I download and click on it to unpack files it would not be flagged... but when I start real-time protection, will it not flag it when I run the program? Hard to believe others have not reported this or that trojan.generickd.49255900 is not found in an internet search.

    Slightly worried these days of increased cyber problems.


    DC

  • Flexx (mod)
    edited July 2022

    You need to understand that detection names are totally based on the malware researchers. You will not find these detection names on the web. Bitdefender has more than a thousand detections named under trojan.generickd.xxxxxxx for different malicious samples.

    Both the website and the file seem legitimate to me.

    Once you set up the file exclusion in Bitdefender, it will not scan the file again. And if you are still worried about the file being malicious, kindly wait until the file gets reanalyzed by malware researchers.

    Regards

  • Ok, I updated my Bitdefender, downloaded the anypia 2022.2 update, unzipped it, and then it flagged it AGAIN. It named this as the problem: Gen:Suspicious.Cloud.2.7E0@aujMTJai


    So now what?

  • Flexx (mod)
    edited July 2022

    The file was earlier detected by a signature-based detection created by malware researchers, which was removed afterwards. This file is now getting detected by a cloud-based detection, which is different from signature-based detection.

    Submitting the sample via the online forum will not help. Kindly share your sample with Bitdefender support by dropping them an email at bitsy@bitdefender.com and ask them to inform malware researchers to remove the cloud-based detection for the required sample.

    The support team will reply to your query within the next 24-48 hours, excluding weekends.

    Regards