AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
Just went to start up Thunderbird, and Avira AntiVir Guard gives me a warning that the ExternalService.dll in the BirdieSync\Thunderbird Service\components\ directory is the TR/Dldr.Zlob.Gen2 Trojan.
I ran Malwarebytes fast scan and then Spybot S&D, and neither found a problem. So I'm guessing it's a false positive. But I'm denying access for now just to be safe...
Anyone else seen this? I only purchased BirdieSync a week or so ago, and did not have this error until today. I am assuming that Avira updated the definitions, but I wasn't paying attention.
I ran Malwarebytes fast scan and then Spybot S&D, and neither found a problem. So I'm guessing it's a false positive. But I'm denying access for now just to be safe...
Anyone else seen this? I only purchased BirdieSync a week or so ago, and did not have this error until today. I am assuming that Avira updated the definitions, but I wasn't paying attention.
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
Same for me. I use BirdieSync for a while and never had such a problem.
I also deny access for the dll until it's clear what happened.
best regards
Rolf
I also deny access for the dll until it's clear what happened.
best regards
Rolf
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
Hi,
I also have the problem. I think it was by updating the virus definitions this morning.
Can I trust the DLL?
Regards,
Torsten
I also have the problem. I think it was by updating the virus definitions this morning.
Can I trust the DLL?
Regards,
Torsten
-
- Posts: 1
- Joined: Sat Oct 03, 2009 11:04 am
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
Same here.
Anybody knows, how to get information from Avira / Birdie regarding this issue??
Bz.
Anybody knows, how to get information from Avira / Birdie regarding this issue??
Bz.
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
Hello,
This is not the first time a false positive is detected with BirdieSync:
http://www.birdiesync.com/forum/viewtopic.php?f=2&t=241
http://www.birdiesync.com/forum/viewtopic.php?f=2&t=114
I don't know which version of BirdieSync you were using. Is it the last one ? In such situations, it is recommended to use a service like:
http://www.virustotal.com
This service checks the uploaded file with a lof of anti-virus. If only one reports a problem, it is very likely a false positive.
This is not the first time a false positive is detected with BirdieSync:
http://www.birdiesync.com/forum/viewtopic.php?f=2&t=241
http://www.birdiesync.com/forum/viewtopic.php?f=2&t=114
I don't know which version of BirdieSync you were using. Is it the last one ? In such situations, it is recommended to use a service like:
http://www.virustotal.com
This service checks the uploaded file with a lof of anti-virus. If only one reports a problem, it is very likely a false positive.
Birdy
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
Hello,
I have the same problem with Avira AntiVir since this morning and just tried the file on virustotal.com. There was one hit from 41 virus detectors, although not from avira, but from McAfee. The Avira virus definition was, however, from October 2, so it may be that it's just not recent enough.
The ExternalServices.dll is from April 16th, so I guess it hasn't changed and is probably not infected, but I am no expert on viruses. So I'd like to wait for an all-clear from BirdieSync before I set it to "ignore".
@Birdy: Could you run the original file yourself and check whether you get that warning, too? The setup file version was 1.7.1.1
Best regards
Ingo
I have the same problem with Avira AntiVir since this morning and just tried the file on virustotal.com. There was one hit from 41 virus detectors, although not from avira, but from McAfee. The Avira virus definition was, however, from October 2, so it may be that it's just not recent enough.
The ExternalServices.dll is from April 16th, so I guess it hasn't changed and is probably not infected, but I am no expert on viruses. So I'd like to wait for an all-clear from BirdieSync before I set it to "ignore".
@Birdy: Could you run the original file yourself and check whether you get that warning, too? The setup file version was 1.7.1.1
Best regards
Ingo
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
The file 1.7.1.3 ExternalService.dll was compiled again from the original sources (so considered as clean) and submitted to virustotal. Only MacAfee reported the detection of the trojan (the 40 other anti virus did not). So a mail was sent to Mc Afee and Avira to signal this problem of "false positive". I hope that they will update their virus definitions soon.
Birdy
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
Hello Birdy,
thanks for your help. I installed the 1.7.1.3 version and set AntiVir to ignore this file permanently. That's rather dangerous, I admit, but I hope there's never ever going to be a real virus in it.
Ingo
thanks for your help. I installed the 1.7.1.3 version and set AntiVir to ignore this file permanently. That's rather dangerous, I admit, but I hope there's never ever going to be a real virus in it.
Ingo
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
I got a response from Avira:
The file 'ExternalService.dll' has been determined to be 'FALSE POSITIVE'. In particular this means that this file is not malicious but a false alarm. Detection will be removed from our virus definition file (VDF) with one of the next updates.
Birdy
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
Thank you for this positive information. Good support!
best regards
Rolf
best regards
Rolf
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
Thanks!
Of course, now I have to reinstall because one of the times Avira had a warning it decided to delete the dll.
Of course, now I have to reinstall because one of the times Avira had a warning it decided to delete the dll.
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
Actually, is there a way I can just download that dll directly from the BirdieSync site? I left my phone at work, so the BirdieSync installer won't let me reinstall BirdieSync. Plus, I'd rather not redo the entire setup to replace the one file...
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
I tested again ExternalService.dll with virustotal and it seems that Avira and McAfee updated their virus definitions (2009-10-06). No more false positive detected !
So ensure to have the latest virus defintions before reinstalling Birdiesync.
@kati42: if you don't mind, I would prefer you to reinstall BirdieSync over your previous installation. If you use the same Setup file as you lastly did, it shouldn't change anything. You can even skip the installation on the mobile device. But in any case I would suggest you to BACKUP your data before doing anything as suggested in this FAQ topic.
So ensure to have the latest virus defintions before reinstalling Birdiesync.
@kati42: if you don't mind, I would prefer you to reinstall BirdieSync over your previous installation. If you use the same Setup file as you lastly did, it shouldn't change anything. You can even skip the installation on the mobile device. But in any case I would suggest you to BACKUP your data before doing anything as suggested in this FAQ topic.
Birdy
Re: AntiVir Guard Avira: Dldr.Zlob.Gen2 Trojan in BirdieSync...
If you have problems with BirdieSync (for instance Birdiesync menus no longer work in Thundebird) after AntiVir detected a false positive, it maybe because AntiVir removed the libray ExternalService.dll from C:\Program Files\BirdieSync\Thunderbird Service\components
In this case, reinstall BirdieSync to retrieve the library.
Before any operation, I suggest you to backup your data as mentioned in this FAQ topic.
In this case, reinstall BirdieSync to retrieve the library.
Before any operation, I suggest you to backup your data as mentioned in this FAQ topic.
Birdy