Virus

I have no idea how to solve this problem. Pls help


virus.png

«1

Comments

  • rootkit
    rootkit ✭✭✭
    edited October 2008

    Post here a complete scan log ;)

  • Post here a complete scan log ;)


    BitDefender Log File


    Product : BitDefender Internet Security 2009


    Version : BitDefender UIScanner v.12


    Scanning task : Deep System Scan


    Log date : 19:42:26 04/10/2008


    Log path : C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\deep_scan\1223142146_1_02.xml


    Scan Paths:Path 0000: C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe


    Path 0001: C:\Program Files\BitDefender\BitDefender 2009\antispam32\bdimguiaux.exe


    Path 0002: C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe


    Path 0003: C:\Program Files (x86)\Internet Explorer\iexplore.exe


    Path 0004: C:\Program Files (x86)\Internet Explorer\IEUser.exe


    Path 0005: C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe


    Path 0006: C:\Program Files\Windows Media Player\wmpnscfg.exe


    Path 0007: C:\Program Files\Windows Mail\WinMail.exe


    Path 0008: C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe


    Path 0009: C:\Program Files (x86)\PC Connectivity Solution\Transports\NclIrSrv.exe


    Path 0010: C:\Program Files\Windows Sidebar\sidebar.exe


    Path 0011: C:\Program Files\Logitech\SetPoint\LBTWiz.exe


    Path 0012: C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE


    Path 0013: C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe


    Path 0014: C:\Windows\ehome\ehmsas.exe


    Path 0015: D:\Programi\Adobe\Acrobat 9.0\Acrobat\acrotray.exe


    Path 0016: C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe


    Path 0017: C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe


    Path 0018: C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe


    Path 0019: C:\Program Files\Logitech\SetPoint\SetPoint.exe


    Path 0020: D:\Programi\Nokia\Nokia PC Suite 7\PCSuite.exe


    Path 0021: C:\Windows\ehome\ehtray.exe


    Path 0022: C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe


    Path 0023: D:\Programi\DAEMON Tools Lite\daemon.exe


    Path 0024: C:\Program Files\Windows Sidebar\sidebar.exe


    Path 0025: C:\Windows\System32\rundll32.exe


    Path 0026: C:\Program Files\Logitech\Gaming Software\LWEMon.exe


    Path 0027: C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe


    Path 0028: C:\Windows\Explorer.EXE


    Path 0029: C:\Windows\system32\taskeng.exe


    Path 0030: C:\Windows\system32\Dwm.exe


    Path 0031: C:\


    Path 0032: D:\


    Path 0033: E:\


    Path 0034: X:\


    Scan Options:Scan for viruses : Yes


    Scan for adware : Yes


    Scan for spyware : Yes


    Scan for applications : Yes


    Scan for dialers : Yes


    Scan for rootkits : Yes


    Target Selection Options:Scan registry keys : Yes


    Scan cookies : Yes


    Scan boot sectors : Yes


    Scan memory processes : Yes


    Scan archives : Yes


    Scan runtime packers : Yes


    Scan emails : Yes


    Scan all files : Yes


    Heuristic Scan : Yes


    Scanned extensions :


    Excluded extensions :


    Target Processing:Default action for infected objects : Disinfect


    Default action for suspicious objects : None


    Default action for hidden objects : None


    Default action for encrypted infected objects : None


    Default action for encrypted suspicious objects : None


    Default action for password-protected objects : None


    Scan engines summaryNumber of virus signatures : 1835442


    Archive plugins : 43


    Email plugins : 6


    Scan plugins : 12


    System plugins : 5


    Unpack plugins : 7


    Overall scan summaryScanned items : 1478787


    Infected items : 0


    Suspicious items : 0


    Resolved items : 0


    Unresolved items : 7


    Password-protected items : 7


    Individual viruses found : 0


    Scanned directories : 35710


    Scanned boot sectors : 10


    Scanned archives : 15393


    Input-output errors : 83


    Scan time : 02:31:43


    Files per second : 162


    Scanned processes summaryScanned : 0


    Infected : 0


    Scanned registry keys summaryScanned : 416


    Infected : 0


    Scanned cookies summaryScanned : 416


    Infected : 0


    Objects that were not scanned:Object Name Reason Final Status


    C:\Users\Matej\AppData\Roaming\EVEMon\eve-items2.xml.gz=]eve-items2.xml Overcompressed No action was possible


    C:\Users\Matej\AppData\Roaming\EVEMon\eve-items2.xml.gz.bak=]eve-items2.xml Overcompressed No action was possible


    D:\Programi\EVEMon\Resources\eve-items2.xml.gz=](gzip) Overcompressed No action was possible


    D:\System Volume Information\_restore{077612EE-DC0D-4227-BD6A-718AD79EA8E5}\RP410\A0107831.exe=](NSIS o)=]lzma_solid_nsis0035=]eve-items2.xml Overcompressed No action was possible


    E:\Delo_My_Book\EVE ONLINE\EVEMon-install-1.2.4.1005.exe=](NSIS o)=]lzma_solid_nsis0035=]eve-items2.xml Overcompressed No action was possible


    E:\Delo_My_Book\Filmi\Power.DVDRip.XviD-NYMPHO\CD1\nympho-power.cd1.rar=](NO_NAME) Overcompressed No action was possible


    E:\Delo_My_Book\Filmi\Power.DVDRip.XviD-NYMPHO\CD2\nympho-power.cd2.rar=](NO_NAME) Overcompressed No action was possible

  • I HAVE THE SOME PROBLEM!!!

  • I HAVE THE SOME PROBLEM!!!


    Me Three!

  • AndreiASM
    edited October 2008

    The popup message you get may well be a bug in BitDefender. Please, all of you who get this message, attach a scan log to a new post.


    Best regards!

  • Is there any specific moment when that popup appears (any actions that you take, or any applications that you open), or it just appears randomly?


    Cris.

  • Just randomly.

  • alexcrist
    alexcrist
    edited October 2008

    Matej, can you please attach one (or more) of these files:


    C:\Users\Matej\AppData\Roaming\EVEMon\eve-items2.xml.gz
    C:\Users\Matej\AppData\Roaming\EVEMon\eve-items2.xml.gz.bak
    D:\Programi\EVEMon\Resources\eve-items2.xml.gz


    Put them in a password-protected ZIP and attach the archive to your next post.


    Cris.

  • Sm3K3R
    Sm3K3R ✭✭✭

    Can you also post the settings you use for the real time scanner.


    To bad the BD 2009 doesnt show,like BD 2008 does, the last real time scanned file.

  • Matej, can you please attach one (or more) of these files:


    C:\Users\Matej\AppData\Roaming\EVEMon\eve-items2.xml.gz
    C:\Users\Matej\AppData\Roaming\EVEMon\eve-items2.xml.gz.bak
    D:\Programi\EVEMon\Resources\eve-items2.xml.gz


    Put them in a password-protected ZIP and attach the archive to your next post.


    Cris.


    Sori, i cannot do that. Bitdefender screen popup (screen from my 1 post) !


    Think that 3 files create problem but im not 100%


    How can i trick Bitdefender to copy those files ?

  • Can you also post the settings you use for the real time scanner.


    To bad the BD 2009 doesnt show,like BD 2008 does, the last real time scanned file.


    Sure, here is settings.


    realtime1.png


    realtime2.png

  • Sm3K3R
    Sm3K3R ✭✭✭
    edited October 2008

    I found "the thing" on my computer too :).


    For curiosity i started a scan on my C partition with Dr.Web CureIT.Consequently i activated all features in BD realtime scanner(I alowed BD to scan inside archives,usually being off) ,behavioral scaner was setted at High.While Cure IT stoped and analyzed something with the name .. BackItUp(it flashed very fast ) ,Nero i presume, the Virus alert pop uped :).It may be related to Nero.


    Edit: This seemed to be the path of the file ,can t be archived also with Winrar ,acces is denied -> "C:\Program Files\Nero\Nero 7\Nero BackItUp\BackItUp_ImageTool\root.img=]root.img" -> Overcompressed -> No action possible (this is what BD right click scan,on Nero folder, says).Its not recognozed as a virus in this scenario it only says is not scanable.

  • thm655321
    edited October 2008

    I do not have Nero installed, my full deep scans, etc. show no issues, yet the real time scanner gives me the same "Virus name: Virus; Location: Unknown" message.

  • Sm3K3R
    Sm3K3R ✭✭✭
    I do not have Nero installed, my full deep scans, etc. show no issues, yet the real time scanner gives me the same "Virus name: Virus; Location: Unknown" message.


    In the scan log have you seen any file that was not scaned because of password protection for example?


    Is the "Scan inside archives" option checked(inside real time scanner settings)?


    If Agressive preset is selected that option is enabled also.I was not using "Scan inside archives" becasue my computer is clean and i keep it usually off though everything else is activated.


    Behavioral scanner is active?

  • Sm3K3R
    Sm3K3R ✭✭✭

    I rescanned with Cure IT, the path seems to be "C:\Program Files\Nero\Nero 7\Nero BackItUp\BackItUp_ImageTool\logo.16" .At the moment when Cure IT analyses file "logo.16" from "BackItUp_ImageTool" folder the virus alert pop ups."Scan only new and unchanged files" from the real time scanner was turned off this time to repet the circumstances.This option didnt seem to have any efect on BD Deep Scan ,no alert when using on demand BD scan engine,maybe a bug that makes the on demand scaner ignoring the option "Scan only new and unchanged files".


    This is the file that may generate the virus alert on my computer.

  • Sm3K3R, your file doesn't trigger are alerts on my computer. Not On Demand, nor Realtime. Maybe you posted the wrong file...


    Matej: you can temporarily disable BD Realtime Protection, archive those files, post them and re-enable the protection.


    Cris.

  • Sm3K3R, your file doesn't trigger are alerts on my computer. Not On Demand, nor Realtime. Maybe you posted the wrong file...


    Matej: you can temporarily disable BD Realtime Protection, archive those files, post them and re-enable the protection.


    Cris.


    There are files in rar.... password: virus

    /applications/core/interface/file/attachment.php?id=3405" data-fileid="3405" rel="">Requested_files.rar

  • Matej, thank you for the files. I can reproduce the behavior and I will report it.


    Cris.

  • Di0g0
    edited October 2008

    My BD detects my musics with this virus! :blink: And my games :wacko:

  • rootkit
    rootkit ✭✭✭

    Post here a complete scan log !

  • Can't i formated my pc !

  • Sm3K3R
    Sm3K3R ✭✭✭
    edited October 2008
    Sm3K3R, your file doesn't trigger are alerts on my computer. Not On Demand, nor Realtime. Maybe you posted the wrong file...


    Matej: you can temporarily disable BD Realtime Protection, archive those files, post them and re-enable the protection.


    Cris.


    Cris , at this moment im totally confused.This "thing" appeared while Cure IT was analyzing(decompressing or whatever) the files at this path : C:\Program Files\Nero\Nero 7\Nero BackItUp\BackItUp_ImageTool .It happened(i somehow reproduced it) 3 times, but randomly when CureIT hits the path i already specified.If i run a BD scan it doesnt work i cant reproduce it as i cant reproduce every time with the CureIT scan also.I dont understand whats the problem exactly ,but it may be something related to Nero in my case.I cant help more :wacko:


    My Nero is version 7.9.6.0 and is the software that came bundled with my LG H55L DVD RAM.I m not using NeroBackItup from the suite its only installed along with the others.

  • Sm3K3R
    Sm3K3R ✭✭✭
    edited October 2008

    After another test ,I am now able to send the "root.img" ,file that triggers 100% the virus alarm ,but unfotunatelly i can t uploaded it, because its 2.82MB in dimension (compressed to the maximum).

  • I did a full scan with Cure IT. It found nothing. BD finds nothing in a deep scan, yet I get this realtime virus alert. I'd love to upload a file, but none are infected. What gives?

  • Sm3K3R
    Sm3K3R ✭✭✭
    I did a full scan with Cure IT. It found nothing. BD finds nothing in a deep scan, yet I get this realtime virus alert. I'd love to upload a file, but none are infected. What gives?


    thm655321, i ll clear something ,on my machine CureIT did not find infected files but while it was scaning(meaning opening and analyzing files) it trigered the real time BD scanner(that folowes any activity in our computers).I was using BD with the Agressive preset,for the Real Time scanner ,at that moment ,which means that files were analyzed (even archived) deeply.


    With the real time BD scanner customized to not open archives(my speed setting) no such virus alert was triggered because with that setting that file wasnt fully analyzed.


    I purelly use Cure IT and many more for crossed reference, from time to time.

  • Any progress on this?


    Thanks.

  • Hello,


    Is anyone still experiencing this problem? I checked a few moments ago, and BD didn't show the "Overcompressed" warning, nor the strange Realtime alert (tested with the files attached on this topic by Matej).


    Cris.

  • Hello,


    Is anyone still experiencing this problem? I checked a few moments ago, and BD didn't show the "Overcompressed" warning, nor the strange Realtime alert (tested with the files attached on this topic by Matej).


    Cris.


    I have stopped getting the realtime alert. I presume BD did an update to fix the problem, as I did nothing on my end. If so, kudos BD.

  • have some Realtime alert today ;(

  • have some Realtime alert today ;(


    Mine came back yesterday as well, but not today. Recent deep scans show nothing. Very odd.

  • Mine came back yesterday as well, but not today. Recent deep scans show nothing. Very odd.


    I installed BD a couple of weeks ago. I "activated" it 2-3 days ago & since then I get the pop-up window telling me "BD has blocked a virus affecting your computer. Virus name: virus. Virus location: unknown".


    I'm running Win XP latest service pack updates. I use Thunderbird for email & Firefox for browsing. I use no Micro$oft office products. Is anyone else seeing this? It's quite annoying.

    /applications/core/interface/file/attachment.php?id=3480" data-fileid="3480" rel="">BitDefender_UnknownVirus.rtf

  • It's a bug :s


    Wait for a espet

  • alexcrist
    alexcrist
    edited October 2008

    Please, anyone who has this problem, attach the causing files (as Matej did).


    To identify the files, try this:


    - make a deep scan of your system


    - at the end of the scan, view the scan log, and see if there are files that couldn't be scanned because of Overcompressed


    - find those files, put them in ZIP files, and attach them to a post here.


    As I said, with the files that Matej attached, I cannot reproduce the problem. And I cannot ask anyone to look for a bug that has no way of reproduction.


    Thank you.


    Cris.


    EDIT: A workaround (which I noticed when I first got Matej's files) is to disable Scan archives for the Realtime Protection. My guess is that the archive scanning generates this alert.


    But for the bug to be corretly fixed, please attach the files (if you don't know what files to attach, attach a deep scan log).

  • Di0g0
    edited October 2008

    Go to: C:\Users\All Users\BitDefender\Desktop\Events or C:\Documents and settings\All Users\BitDefender\Desktop\Events


    Open the history.xml and the name of the file infected by virus is here!!!

  • jst
    jst
    edited October 2008

    Here is the log file from my deep scan.....


    BitDefender Log File


    Product : BitDefender Antivirus 2009


    Version : BitDefender UIScanner v.12


    Scanning task : Deep System Scan


    Log date : 12:35:03 11/10/2008


    Log path : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1223746503_1_02.xml


    Scan Paths:Path 0000: C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe


    Path 0001: C:\Program Files\Mozilla Firefox\firefox.exe


    Path 0002: C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe


    Path 0003: C:\WINDOWS\System32\svchost.exe


    Path 0004: C:\WINDOWS\System32\alg.exe


    Path 0005: C:\Program Files\iPod\bin\iPodService.exe


    Path 0006: C:\WINDOWS\system32\SearchIndexer.exe


    Path 0007: C:\WINDOWS\system32\svchost.exe


    Path 0008: C:\Program Files\Bonjour\mDNSResponder.exe


    Path 0009: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe


    Path 0010: C:\Program Files\Windows Desktop Search\WindowsSearch.exe


    Path 0011: C:\Program Files\iTunes\iTunesHelper.exe


    Path 0012: C:\Program Files\QuickTime\QTTask.exe


    Path 0013: C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe


    Path 0014: C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe


    Path 0015: C:\Program Files\Common Files\Real\Update_OB\realsched.exe


    Path 0016: C:\Program Files\USBToolbox\Res.EXE


    Path 0017: C:\WINDOWS\system32\CTHELPER.EXE


    Path 0018: C:\WINDOWS\Explorer.EXE


    Path 0019: C:\WINDOWS\system32\spoolsv.exe


    Path 0020: C:\WINDOWS\system32\svchost.exe


    Path 0021: C:\WINDOWS\system32\svchost.exe


    Path 0022: C:\WINDOWS\System32\svchost.exe


    Path 0023: C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe


    Path 0024: C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe


    Path 0025: C:\WINDOWS\system32\svchost.exe


    Path 0026: C:\WINDOWS\system32\svchost.exe


    Path 0027: C:\WINDOWS\system32\lsass.exe


    Path 0028: C:\WINDOWS\system32\services.exe


    Path 0029: C:\WINDOWS\system32\winlogon.exe


    Path 0030: C:\WINDOWS\system32\csrss.exe


    Path 0031: \SystemRoot\System32\smss.exe


    Path 0032: C:\


    Path 0033: E:\


    Scan Options:Scan for viruses : Yes


    Scan for adware : Yes


    Scan for spyware : Yes


    Scan for applications : Yes


    Scan for dialers : Yes


    Scan for rootkits : Yes


    Target Selection Options:Scan registry keys : Yes


    Scan cookies : Yes


    Scan boot sectors : Yes


    Scan memory processes : Yes


    Scan archives : Yes


    Scan runtime packers : Yes


    Scan emails : No


    Scan all files : Yes


    Heuristic Scan : Yes


    Scanned extensions :


    Excluded extensions :


    Target Processing:Default action for infected objects : Disinfect


    Default action for suspicious objects : None


    Default action for hidden objects : None


    Default action for encrypted infected objects : None


    Default action for encrypted suspicious objects : None


    Default action for password-protected objects : None


    Scan engines summaryNumber of virus signatures : 1863035


    Archive plugins : 43


    Email plugins : 6


    Scan plugins : 12


    System plugins : 5


    Unpack plugins : 7


    Overall scan summaryScanned items : 221257


    Infected items : 0


    Suspicious items : 0


    Resolved items : 0


    Unresolved items : 12


    Password-protected items : 12


    Individual viruses found : 0


    Scanned directories : 8486


    Scanned boot sectors : 6


    Scanned archives : 1583


    Input-output errors : 32


    Scan time : 00:46:03


    Files per second : 79


    Scanned processes summaryScanned : 32


    Infected : 0


    Scanned registry keys summaryScanned : 762


    Infected : 0


    Scanned cookies summaryScanned : 762


    Infected : 0


    Objects that were not scanned:Object Name Reason Final Status


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]eps.ep2=]A.EP3 Password-protected No action was possible


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]eps.ep2=]C.EP4 Password-protected No action was possible


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]eps.ep2=]E.EP9 Password-protected No action was possible


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]eps.ep2=]FA.EP3 Password-protected No action was possible


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]eps.ep2=]L.EP3 Password-protected No action was possible


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]eps.ep2=]L2.EP3 Password-protected No action was possible


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]eps.ep2=]M.EP3 Password-protected No action was possible


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]eps.ep2=]U.EP3 Password-protected No action was possible


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]epa.ep2=]C.EP4 Password-protected No action was possible


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]epa.ep2=]E.EP3 Password-protected No action was possible


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]epc.ep2=]S.EP4 Password-protected No action was possible


    C:\dwnld2008\epsetup.exe=](ZIP Sfx s)=]ic13.cab=]epu.ep2=]S.EP4 Password-protected No action was possible

  • Sm3K3R
    Sm3K3R ✭✭✭
    Please, anyone who has this problem, attach the causing files (as Matej did).


    To identify the files, try this:


    - make a deep scan of your system


    - at the end of the scan, view the scan log, and see if there are files that couldn't be scanned because of Overcompressed


    - find those files, put them in ZIP files, and attach them to a post here.


    As I said, with the files that Matej attached, I cannot reproduce the problem. And I cannot ask anyone to look for a bug that has no way of reproduction.


    Thank you.


    Cris.


    EDIT: A workaround (which I noticed when I first got Matej's files) is to disable Scan archives for the Realtime Protection. My guess is that the archive scanning generates this alert.


    But for the bug to be corretly fixed, please attach the files (if you don't know what files to attach, attach a deep scan log).


    Cris,a link towards the file should be in a PM that i send you some days ago,if not i will resend it again.

  • Yes, I got it, thank you.


    I reported (again) the problem and I'm waiting for an answer. There's nothing more that I can do...


    Cris.

  • Niels
    Niels
    edited October 2008

    Hello


    So far the problem with the message overcompressed appears on my computer when certain files are packed with winuhac or any archive tool that can compress files better than winzip or winrar after being packed by normal archivers tools.(read has more possibilities to pack files better). When the compression level is set to best.


    Kind regards,


    Niels

  • Matej001
    edited October 2008

    Any idea WHEN this BUG will be fixed ?! I still get msg for UNKNOWN VIRUS

  • I have the some bugg!!!1!

  • Well. this is certainly annoying me!

  • Niels
    Niels
    edited October 2008

    Hello Matej,Sheepdisease and Di0g0,


    Did you contacted support about this issue? It would also be helpful if you can give them the steps how to reproduce it. Support or BitDefender software engineers don't look at this forum. I have also the problem with overcompressed and I have reported it. So far I didn't have that message from unknown virus. When does that message pop-up? I mean are you using a certain program or are you doing something. That is information that BitDefender need to be able to reproduce it.


    Kind regards,


    Niels

  • I have this problem with rar files.

  • Sheepdisease
    edited October 2008

    Well, well, well!


    The problem had deteriorated and I couldn't even run Windows Update(s) anymore. I went looking for answers and found the one I was looking for.


    Just be aware the the Vundo trojan is not detected by Bitdefender (not even using the highest security settings). I downloaded Malwarebytes' Anti-Malware (which is a free download), as instructed in the Microsoft Forums and it picked up numerous traces of Vundo.

  • Just be aware the the Vundo trojan is not detected by Bitdefender (not even using the highest security settings). I downloaded Malwarebytes' Anti-Malware (which is a free download), as instructed in the Microsoft Forums and it picked up numerous traces of Vundo.


    I have to disagree. BitDefender detects many variants of Vundo and other polymorphic malware. The fact that it doesn't detect all variants doesn't mean that it doesn't detect it at all. Vundo is a malware family that is highly polymorphic, and it's practically impossible to detect all it's variants (but new variants are detected each day).


    As for what MalwareBytes detected... if there were files that BD missed, you are welcome to attach them on Sample Submission, or send them through e-mail to BitDefender Support, so detection can be added for them.


    Cris.

  • When does the bitdefender solves this problem with the "virus"? I 'm tired of this bug!!


    This just happens to rar files, already talked to technical support but still did nothing!

  • Sm3K3R
    Sm3K3R ✭✭✭
    edited October 2008
    When does the bitdefender solves this problem with the "virus"? I 'm tired of this bug!!


    This just happens to rar files, already talked to technical support but still did nothing!


    Set the real time scanner to not open archives.When you scan on demand this Virus alert does not occure.


    I think they will fix it soon.

  • Satan
    edited November 2008

    Hey guys, I found this thread through google, so thought I would post my findings.


    If I run Firefox (3.0) the "Virus" Unknown message pops up.


    If I run Internet explorer, the message does not pop up.


    After installing Bitdefender Total Security 2009 last week, I took it upon myself to tamper with the default settings in the Real time Scanning options.


    Selecting HTTP scanning and a few other options.


    I recently installed a download manager called Flashget, and Flashgot plugin for Firefox.


    Today I start getting the above error message.


    I got rid of the message by setting the Virus Protection to "Default Settings".


    The Error has stopped.


    This makes me think it is Firefox and/or plugin related, as my homepage is the same for both IE8 and FF3.


    Hope this helps :)


    PS:I disabled and re-enabled Flashgot Addon for Firefox, and checked the Scan HTTP Traffic again. On re-opening Firefox 3 the error is still gone.

  • I have no idea how to solve this problem. Pls help


    virus.png


    Was or is there any fix for this problem? I have had BD installed and working just fine for the past 2 months and now all of a sudden when I open firefox I get this SAME POP UP and its driving me crazy.


    I do two scheduled scans nightly, and they have come up with nothing.


    If this is an actual bug in the program how do we get rid of it? And why now all of a sudden??


    Can someone help me here please?