Deepscan:generic.hupigon.346f4697 = Wiseftp -- A False Positive?
Hello,
three days ago (only) the bd-engine of my av-program started to identify two files of the program WiseFTP 4 as viruses.
wf_tp.exe = DeepScan:Generic.Hupigon.994745CE
wise_ftp.exe = DeepScan:Generic.Hupigon.346f4697
After moving the files in quarantine two new files in the directory "System Volume Information\_restore...\RP93\" seem to be infected with the same viruses.
A0009786.exe = DeepScan:Generic.Hupigon.994745CE
A0008808.exe = DeepScan:Generic.Hupigon.346f4697
Is this possibly a false positive?
Thanks for your help
Mike
PS: Unfortunately it was not possible to upload one of the files.
I received this message: Upload failed. Please ask the administrator to ensure the uploads directory is writeable
Comments
-
Today the upload problem should dissapear.
As for the viruses which appear in System Volume Information, please diables System Restore temporarly and temporarly deactivate BD realtime protection.
Andrei0 -
Today the upload problem should dissapear.
As for the viruses which appear in System Volume Information, please diables System Restore temporarly and temporarly deactivate BD realtime protection.
Andrei
Hello,
I cannot believe that the deactivation of BD realtime protection is a solution ... The Hupigon issue occurs in several threads and is still unresolved by the BD team. There is obviousely a FP alert by BD after the recent XP security updates and BD updates. Please check the files indicated in the threads with the latest XP SP02 security updates and BD updates.
Thanks !
Ruediger0 -
Hello,
I cannot believe that the deactivation of BD realtime protection is a solution ... The Hupigon issue occurs in several threads and is still unresolved by the BD team. There is obviousely a FP alert by BD after the recent XP security updates and BD updates. Please check the files indicated in the threads with the latest XP SP02 security updates and BD updates.
Thanks !
Ruediger
You didn't fully understand my advice: if you want to clean the System Volume Information, which stores restore points for your computer, you have to do the following:
1. Deactivate BD real-time protection
2. Right-click on My-computer, go to System Restore, and chek the "Turn off System restore on all drives", then ok
3. Re-enabled System-restore by un-checking that check box
4. Rer-enable BD real-time protection
You have to deactivate BD real-time protection because when cleaning the SVI folder, BD will still scan the files while deleted, and will block the (possible) infected files.
Andrei0 -
If you consider that those files are clean, you should upload them here: http://www.virustotal.com/en/indexf.html and they will be scanned by a number of AV engines.
0 -
If you consider that those files are clean, you should upload them here: http://www.virustotal.com/en/indexf.html and they will be scanned by a number of AV engines.
Hi, khufu
I have already uploaded them to virustotal and there was only one engine that identified my files as DeepScan:Generic.Hupigon.994745CE.
This scanner was BitDefender 7.2 (what a surprise :-)).
I also checked the files at virusscan.jotti.org with the same result. Only BitDefender reacted.
Jotti also showed me this message: "Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate."0 -
Then upload the files here(i hope you can) and wait for VR`s to download them and remove the detection if they are clean.
0 -
Please wait until upload will be posible on this forum. You don't have to be 100% certain that the file is infected or not. It could be a FP, and VR will remove the detection if necesarly.
Andrei0 -
Have you any idea when the upload will be possible again?
0 -
The upload should be avaible starting from today... I hope it will be avaible starting from today.
Andrei0 -
It is still impossible to upload files.
Is there an other place where I can send them to?0 -
Hello MikeC
You can still send them to : virus_submission@bitdefender.com
Or you can upload them to an online file host e.g: http://www.verzend.be , http://www.rapidshare.com and post the downloadlink, etc or wait till the problem is fixed.
Regards
Niels0 -
Hi Niels ! I have uploaded file infected malware and i have waited for long time but my problem have no fix to now
0 -
To make things easier, from now on I'll have a look myself at mails sent to virus_submission@bitdefender.com which have 4VIR in the subject line. MikeC, please pack the files in an archive with the password infected and send them to that address with 4vir somewhere in the subject.
0 -
Hello vlad,
thank you for your help.
I have send the files to you.
Regards
Mike0 -
I managed to find the mail eventually; the detection has been removed. All the Generic.Hupigon.* chaos will be fixed permanently by tomorrow the latest.
0 -
Hello Vlad,
I also send an email to virus_submission@bitdefender.com with the subject 4VIR. I attached a packed file, which issues the generic.Hupigon virus alert by BD. Please verify with your fix.
Regards,
rka0 -
It's fixed, and all the other Generic.Hupigon.* false positives should disappear. Please update your BD virus definitions.
0 -
Starting from today you can once again upload your files on the forums. There is a 2MB limit.
0