Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> False Positive; Optional Windows Updates
writhziden
post Apr 11 2012, 08:15 PM
Post #1


Newbie


Group: Members
Posts: 7
Joined: 11-April 12
Member No.: 103,225



A couple of concerns:

I had a false positive related to the Point Cloud Library that is used for computer vision and robotic software development: http://pointclouds.org/

The Infected file deleted was C:\Program Files (x86)\PCL 1.4.0\bin\pcd_convert_NaN_nan.exe

My first concern is I am testing out a number of antivirus programs for family members to use who are not as technically inclined as I am. I am not concerned that this file was deleted and completely removed from my system because I have backups of my system that I make on a weekly basis. The average user does not do this, though. If the average user has a file deleted, it is gone for good, and the only way to get it back is to re-install it if it is part of a program, use system restore if it is among the files system restore backs up, or use a file restoration program that is rather expensive to restore the file.

Doing a cursory search, I see that Bitdefender representatives have been asked numerous times by customers to have files quarantined rather than deleted so they can be restored if Bitdefender finds a false positive. This should be the default action. I have not looked further into it, and maybe there is a setting to change it so files are not deleted when suspected to be infected, but even if there is, the average user is not going to find that setting without a lot of hunting or asking for someone like myself to take a look at the system.


A second concern I have is Bitdefender is complaining that I do not have an optional Windows update installed. While this is informational only, I know which update it is, and I have it hidden through my updates for a reason. My display card driver is up to date, but Microsoft seems to think the display card driver from a year ago is more up to date than the one from two weeks ago. Bitdefender should not be finding updates that I have hidden to avoid this annoyance.


Can someone please address my two concerns?

I would greatly appreciate it. Thank you in advance.

This post has been edited by writhziden: Apr 11 2012, 08:15 PM
Go to the top of the page
 
+Quote Post
writhziden
post Apr 11 2012, 09:12 PM
Post #2


Newbie


Group: Members
Posts: 7
Joined: 11-April 12
Member No.: 103,225



Sorry for the double post. I read the forum rules, and I saw that I should provide what product I am using, but I am unable to edit my first post anymore; my apologies for not reading the rules before posting.

I am using Bitdefender Internet Security 2012. I use the Auto Pilot feature.
The software runs on a Windows 7 Home Premium 64-bit system with no other security software installed.

I just finished reading the user's guide regarding infected files and the Auto Pilot feature. Specifically

"If an infected file is detected, Bitdefender will automatically attempt to disinfect
it. If disinfection fails, the file is moved to quarantine in order to contain the
infection.
Important
For particular types of malware, disinfection is not possible because the detected
file is entirely malicious. In such cases, the infected file is deleted from the disk."

It would be beneficial to the average user to have Bitdefender remove the file as a threat but maintain a method to restore the file if it is a false positive.

This post has been edited by writhziden: Apr 11 2012, 09:27 PM
Go to the top of the page
 
+Quote Post
Christian
post Apr 12 2012, 10:00 AM
Post #3


Bitdefender Support
******

Group: Root Admin
Posts: 14,009
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Hi and welcome to our forums (IMG:style_emoticons/default/smile.gif)

Could you point to the actual installation file?(direct link)

On that website there are a lot of resources.

Thank you.
Go to the top of the page
 
+Quote Post
writhziden
post Apr 12 2012, 01:24 PM
Post #4


Newbie


Group: Members
Posts: 7
Joined: 11-April 12
Member No.: 103,225



Sure, no problem. They have updated the binaries to PCL 1.5.1, but the PCL 1.4.0 link can still be found here: Windows MSVC 2010 (32bit) PCL 1.4.0 All-In-One Installer

I have 1.4.0 and am not sure if 1.5.1 will still generate the false positive.

Thank you, Christian.

This post has been edited by writhziden: Apr 12 2012, 01:26 PM
Go to the top of the page
 
+Quote Post
writhziden
post Apr 12 2012, 09:23 PM
Post #5


Newbie


Group: Members
Posts: 7
Joined: 11-April 12
Member No.: 103,225



I sent the actual executable file for analysis (Bitdefender caused this normally 30 second process to take over an hour and a half).

Ticket ID:201204111027196

Everytime I tried to add the file back to my system, Bitdefender erased it. Even if I turned Bitdefender's Auto Pilot and On-access scanner off, it would turn on as soon as I added the file to the system, and the file would be deleted right before my eyes. I tried putting the file in a folder that I set to be excluded from scans, and Bitdefender still deleted it. I finally had to compress the file through my Windows rescue CD using 7-zip and then upload it using Sony Vaio's Web feature that runs a Sony web browser outside Windows so Bitdefender could not access the file. The process was rather frustrating.


I need the Point Cloud Library to develop software for my PhD research.

I would like to ask: Can I please get some help adding the file back to my system so Point Cloud Library can work as it is supposed to?

This post has been edited by writhziden: Apr 12 2012, 09:23 PM
Go to the top of the page
 
+Quote Post
Christian
post Apr 14 2012, 07:20 AM
Post #6


Bitdefender Support
******

Group: Root Admin
Posts: 14,009
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Hello (IMG:style_emoticons/default/smile.gif)

The file is clean and the detection will be removed in few updates.

Thank you for reporting the issue.

File pcd_convert_nan_nan_exe declared CLEAN

All you need to do is to reinstall that software since the settings from the product were to delete the file.

We are sorry for the inconvenience.

Have a nice day!
Go to the top of the page
 
+Quote Post
writhziden
post Apr 14 2012, 05:45 PM
Post #7


Newbie


Group: Members
Posts: 7
Joined: 11-April 12
Member No.: 103,225



QUOTE (Christian @ Apr 14 2012, 12:20 AM) *
Hello (IMG:style_emoticons/default/smile.gif)

The file is clean and the detection will be removed in few updates.

Thank you for reporting the issue.

File pcd_convert_nan_nan_exe declared CLEAN

All you need to do is to reinstall that software since the settings from the product were to delete the file.

We are sorry for the inconvenience.

Have a nice day!

Thank you, Christian. Appreciate the information, and I will await the update. I also am very glad for the help in this matter.

Is there any chance the default action can be set to quarantine instead of delete when Bitdefender is first installed?

Until I changed it so infections were always quarantined, I was afraid to connect any of my backup drives in Windows for fear that important files may be deleted by Bitdefender. As a user, I prefer that my antivirus software make me feel protected from viruses and malicious behavior. There is something wrong with the antivirus software when it causes a feeling of trepidation rather than a feeling of security.

Also, why are files restored from quarantine not automatically added to the on-demand and on-access exclusions?

It would be nice to have the ability to restore false positives from quarantine in one step, as well. Every time I tried, the file was immediately detected by Bitdefender and sent back to quarantine. I had to disable the antivirus, restore the file, add the file to the exclusions list, and then enable the antivirus again. There should be one simple step for restoring false positives.


Thank you again for all your help.

-Mike
Go to the top of the page
 
+Quote Post
writhziden
post Apr 15 2012, 02:49 AM
Post #8


Newbie


Group: Members
Posts: 7
Joined: 11-April 12
Member No.: 103,225



I guess I no longer need your help. After having Bitdefender cause my system to lock up for 7 hours today, I have decided to remove the program and not recommend it to anyone in the future. I had a similar problem with another antivirus program I was running earlier this year, so I recognized the symptoms all too well. Unfortunately, my event viewer logs do not show Bitdefender as the culprit, so I have no proof it caused the problem. All I have are a lot of unresponsive programs for 30000 milliseconds messages and a HD device error from trying to dismount the flash drive that Bitdefender was scanning when it failed. Windows Security kept popping up saying that Bitdefender was turned off (it seemed to crash), and then all tasks on my computer took a minimum of between 45 minutes and an hour to respond. For instance, I started task manager at around 1:30 this afternoon, and it finally appeared at about 2:20. I started a wordpad document to try to paste some important text, and the first instance of it took an hour to start, and the second instance took about three hours to start.

I finally had to do a hard shut down of my system and then run my disk check for corrupted data. I have to say, in the three days that I used the trial version of Bitdefender, I was not impressed. My systems run flawlessly without it, by the way. I have tried two other security programs with no issues. Two out of the four I have tested so far have worked well, and the other one that did not work well: the issue was at least fixed by the company's technical support.

Just to give a little more information before ending my time with Bitdefender: I had a .tar.bz2 backup of my Ubuntu system on my flash drive that was 2.7 GB in size. It appears that Bitdefender was trying to analyze that file when it crashed and took Windows with it. Maybe that information will help your technical support to find a solution to the problem. I would love to help narrow down the problem, but I do not want to risk my hardware by having to do hard shutdowns due to Bitdefender not running properly. Best of luck!

This post has been edited by writhziden: Apr 15 2012, 02:50 AM
Go to the top of the page
 
+Quote Post
Christian
post Apr 15 2012, 05:53 AM
Post #9


Bitdefender Support
******

Group: Root Admin
Posts: 14,009
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Hello (IMG:style_emoticons/default/smile.gif)

Welcome back.

Bitdefender can be set to automatically move to quarantine the discovered malware.

Open Bitdefender, click on Settings and move to Antivirus module.

From right side, select the Shield tab and under On Access scanning Settings click on Modify.

Under Actions, please elect Move files to quarantine. From there, you can recover deleted files.

We apologize for any negative experience you have encountered with our products or our support. Your feedback is appreciated, and will be directed to the appropriate team for review, to enable us to improve our support and services.

Thank you for taking the time and please do not hesitate to contact us if you need further details from us.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 23rd October 2014 - 06:12 PM