Smokey's Security Weblog

veritas odium parit

Severe BitDefender 2010 update problem: set of bad definitions released

Read for you on SANS, posted today, 18:29:31 UTC:

We have started to receive reports this morning concerning a popular consumer antivirus product has caused some grief today. BitDefender 2010 appears to have released a set of bad definitions. Unfortunately, these bad virus definitions appear to detect core DLL files and even parts of BitDefender, itself, as infected by “Trojan.FakeAlert.5”. There is quite a thread discussing this issue on the BitDefender Forums.

If you or your organization uses BitDefender, I would heavily recommend that you disable auto-update of the definitions until corrected ones are released soon. Also, I would recommend preparing to do a lot of hands-on clean up to reverse those files which were quarantined by accident.

Sound not good at all…

Post updated – Official BitDefender statement:

Due to a recent update it is possible that BitDefender detects several Windows and BitDefender files as infected with Trojan.FakeAlert.5

In order to solve this issue you will have to perform these steps:

– open the BitDefender interface in Expert Mode
– go to the Antivirus tab and disable the Realtime Protection permanently.
– go to the Quarantine tab and restore all items that are detected as Trojan.FakeAlert.5.
– reboot your PC
– open BitDefender in Expert Mode
– go to the Update tab and run an update.
– wait for the update to finish and enable the Realtime Protection that was disabled earlier.

If, however, your Windows can no longer boot properly you will need to perform one of the 2 actions below:

1. Use Last Known Good Configuration
– reboot your PC and press F8 repeatedly until you reach a text menu
– choose the last option on the bottom of the page named Last Known Good Configuration

2. Use System Restore

Source: BitDefender

Advertisements

March 20, 2010 - Posted by | Advisories, Alerts, Anti-Virus, Downloads, Malware, Recommended External Security Related Links | , , , , , , , , , ,

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: