 Blocked Trojan, Trojan.Heur.S.8iw@acq8anfn |
|
|
  |
 Feb 14 2010, 10:51 AM
Post
#1
|
|
|
Newbie Group: Members Posts: 3 Joined: 8-December 08 Member No.: 20,039  |
Hi All
Please can you help. I am currently using Bitdefender Internet Security 2010 and have twice received this during a deep virus scan: Gen:Trojan.Heur.S.8iw@acq8anfn, action taken blocked. I have tried to access the file on my pc to delete it but have been unsuccesful in tracing it: C:Windows/Temp/SBS_VE_AMBR It also mentions Accessed By SBAMSVc.exe, which I believe is a component of Counterspy antispyware, which I also use on my pc, do you think there may be some sort of conflict? I have attached the real time antivirus protection screen shot and the antivirus log file scan. Hope you can help. Regards easyd
Attached File(s)
BitDefender_Log_File.doc ( 41.5K )
Number of downloads: 5
BitDefender_Trojan.doc ( 354K )
Number of downloads: 3 |
 |
 
|
|
Feb 14 2010, 02:39 PM
Post
#2
|
|
|
BitDefender Evangelist  Group: Moderators Posts: 3,360 Joined: 27-March 07 From: Galați/Iași, România Member No.: 60 |
Hello easyd,
As far as I can see, this issue has been discussed before on the Counterspy forums. In short, those folders are used by Counterspy to extract archived files in order to scan them. So, when Counterspy is used along with another Realtime Protection antivirus solution, and when the extracted files do contain malicious files, it is possible that the antivirus (in this case, BitDefender) and Counterspy will block eachother. Gen:Trojan.Heur.S.8iw@acq8anfn looks like a heuristic detection. From BitDefender's point of view, unless you can provide an actual sample of the detected file so it can be analyzed, this detection will remain, because there is no way of telling if it really is a false positive or not (it might very well be a real threat). Please contact Couterspy Support for more details. Thank you. Cris. |
|
|
|
|
Feb 14 2010, 02:49 PM
Post
#3
|
|
|
Newbie Group: Members Posts: 3 Joined: 8-December 08 Member No.: 20,039 |
Hi Cris
Thanks for the speedy response, what would be the best way of obtaining and sending a sample of this detected file. Also who would the best people to send this file to? Regards easyd This post has been edited by Cris: Feb 14 2010, 03:01 PM
Reason for edit: Removed quote
|
|
|
|
|
Feb 14 2010, 03:06 PM
Post
#4
|
|
|
BitDefender Evangelist Group: Moderators Posts: 3,360 Joined: 27-March 07 From: Galați/Iași, România Member No.: 60 |
I don't know. I have no idea how exactly Countersy works. What I said above was from 2 minutes of reading a topic found on Google. To find the exact files, please contact Counterspy Support and ask them how you can obtain a certain temporary file. As I said, it seems that this issue has been largely discussed on their forum, so it shouldn't be to hard to find an answer.
But the answer has to come from them, not from us. BitDefender Forum is in no way capable of offering support for 3rd party software. If you manage to get a sample, put it in a password-protected archive (with the password infected - details in my signature), upload the archive on a file sharing server of your choice (such as www.sendspace.com) and send me the download link by PM. I will forward the files to BitDefender Labs for analysis and will post back the response. Cris. |
|
|
|
|
Feb 18 2010, 10:06 PM
Post
#5
|
|
|
Newbie Group: Members Posts: 3 Joined: 8-December 08 Member No.: 20,039 |
Hi Cris
Sorry for the delay in getting back to you. I contacted the Sunbelt Forum, Sunbelt make Counterspy, and they enabled me run a Vipre Rescue virus scan using a command prompt in dos, under safe mode. This did not pick up any infections. They also stated that these files are temporary files created when Counterspy runs a scan. Looks as if this was a false positive created by Bitdefender. Thanks for your help in this. easyd |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
|
Lo-Fi Version | Time is now: 24th May 2013 - 08:57 AM |