Spybot-bit Defender-trojan

I have a bit of a mystery possibly involving three apparently separate entities runing in my Win 98SE OS.

1 I'm running Spybot's latest software and update versions.

2 I have an up/down entry in my firewall named BitDefender Professional ... a live update facility I suppose.

3 When I try to investigate the latter, Bit Defender seems to be part of an anti-virus program [I use Norton] but there's also a notation that there's a trojan masquerading in this disguise name of 'Win32.P2P.SpyBot.B6938B37'.

4 When I search Spybot and use it's search engine for this trojan and/or Bit Defender, I draw blanks.

5 When I search Symantect's lists of viruses and trojans, no such name is found which seems strange.

Can anybody shed light on this conundrum? Should I simply remove Bit Defender entry from my firewall or is it being used by Spybot? [A search at Spybot draws a blank]. Both Spybot and AdAware give me a clean slate following scans.

I've posed the question to Spybot but have not had a response. Perhaps it still will come.

Thanks

 

Addendum To Above

I now know that I was talking of a worm most commonly know as W32.Spybot.Worm.

I still need to know about the firewall entry re Bitdefender. Can I remove it safely?

Thanks again.

 

If you have never done a scan (online or other) with Bitdefender AV, I would definately remove the entry (even block access) from your firewall. Does the entry give you a filename/path being used?

 

Bit Defender

Hi Noahdfear

Yes there's a path `C:\windows\bdonlinescan\avxLive.exe'. In said folder are found two sub folders and one with a sub-sub folder [language]. The main folder contains 13 files while the other sub folder contains 86 files.

A small file entitled `update.txt' says the update was made Friday Oct 29 11:54:22 2004; Sig # 93130; Update time GMT 1099032862; Ver 7.00.260.

What's strange is that I never unpacked this program but I don't think it's been installed as I can find no other folder; there's no shortcut and no listing in Add/Remove programs.

I don't recall doing an on line scan but I just this minute thought of one site where such a scan might have been done. I'll check and report back.[*There's a BitDefender web site with a free on line scan and anti-virus download page: http://www.bitdefender.com/scan/licence.php]. I know I never downloaded the files as I run Norton and don't want this interference.

At the moment, I have entry and egress blocked in the firewall but I'm mystified as to how it got onto my computer used only by me.

Thanks for replying.

 

All looks legit. You can safely delete that entire folder or leave it, your choice. There should also be an ActiveX control. You would find it in Internet options>click settings in Temporary Internet Files section, then view objects. Should read; AVX Scan Online Control. It can be removed also.

 

Bit Defender

Hi Noahdfear...again

OK, I hear you and I have found the Active X control. I'll wipe out everything. Will look also for a cookie.

I still have no clue as to hope the download got there unless it was in one of my moments of madness. I have no recall even of ever visiting that web site.

Nonetheless, many thanks for your help.

 

Quite welcome. Thanks for posting back.