Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Blocked Trojan, Trojan.Heur.S.8iw@acq8anfn
easyd
post Feb 14 2010, 12:16 PM
Post #1


Newbie


Group: Members
Posts: 3
Joined: 8-December 08
Member No.: 20,039



Hi All

Please can you help. I am currently using Bitdefender Internet Security 2010 and have twice received this during a deep virus scan: Gen:Trojan.Heur.S.8iw@acq8anfn, action taken blocked. I have tried to access the file on my pc to delete it but have been unsuccesful in tracing it: C:Windows/Temp/SBS_VE_AMBR

It also mentions Accessed By SBAMSVc.exe, which I believe is a component of Counterspy antispyware, which I also use on my pc, do you think there may be some sort of conflict?

I have attached the real time antivirus protection screen shot and the antivirus log file scan.

Hope you can help.

Regards

easyd
Attached File(s)
Attached File  BitDefender_Log_File.doc ( 41.5K ) Number of downloads: 5
Attached File  BitDefender_Trojan.doc ( 354K ) Number of downloads: 3
 
Go to the top of the page
 
+Quote Post
Cris
post Feb 14 2010, 04:04 PM
Post #2


BitDefender Evangelist
******

Group: Regular Bitdefender Poster
Posts: 3,360
Joined: 27-March 07
From: Galați/Iași, România
Member No.: 60



Hello easyd,

As far as I can see, this issue has been discussed before on the Counterspy forums. In short, those folders are used by Counterspy to extract archived files in order to scan them. So, when Counterspy is used along with another Realtime Protection antivirus solution, and when the extracted files do contain malicious files, it is possible that the antivirus (in this case, BitDefender) and Counterspy will block eachother.

Gen:Trojan.Heur.S.8iw@acq8anfn looks like a heuristic detection. From BitDefender's point of view, unless you can provide an actual sample of the detected file so it can be analyzed, this detection will remain, because there is no way of telling if it really is a false positive or not (it might very well be a real threat). Please contact Couterspy Support for more details. Thank you.

Cris.
Go to the top of the page
 
+Quote Post
easyd
post Feb 14 2010, 04:14 PM
Post #3


Newbie


Group: Members
Posts: 3
Joined: 8-December 08
Member No.: 20,039



Hi Cris

Thanks for the speedy response, what would be the best way of obtaining and sending a sample of this detected file. Also who would the best people to send this file to?

Regards

easyd

This post has been edited by Cris: Feb 14 2010, 04:26 PM
Reason for edit: Removed quote
Go to the top of the page
 
+Quote Post
Cris
post Feb 14 2010, 04:31 PM
Post #4


BitDefender Evangelist
******

Group: Regular Bitdefender Poster
Posts: 3,360
Joined: 27-March 07
From: Galați/Iași, România
Member No.: 60



I don't know. I have no idea how exactly Countersy works. What I said above was from 2 minutes of reading a topic found on Google. To find the exact files, please contact Counterspy Support and ask them how you can obtain a certain temporary file. As I said, it seems that this issue has been largely discussed on their forum, so it shouldn't be to hard to find an answer.
But the answer has to come from them, not from us. BitDefender Forum is in no way capable of offering support for 3rd party software.


If you manage to get a sample, put it in a password-protected archive (with the password infected - details in my signature), upload the archive on a file sharing server of your choice (such as www.sendspace.com) and send me the download link by PM. I will forward the files to BitDefender Labs for analysis and will post back the response.

Cris.
Go to the top of the page
 
+Quote Post
easyd
post Feb 18 2010, 11:31 PM
Post #5


Newbie


Group: Members
Posts: 3
Joined: 8-December 08
Member No.: 20,039



Hi Cris

Sorry for the delay in getting back to you. I contacted the Sunbelt Forum, Sunbelt make Counterspy, and they enabled me run a Vipre Rescue virus scan using a command prompt in dos, under safe mode. This did not pick up any infections. They also stated that these files are temporary files created when Counterspy runs a scan. Looks as if this was a false positive created by Bitdefender.

Thanks for your help in this.

easyd
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 20th April 2014 - 12:49 PM