PlanetZ forums - scopeusers.com

Hey there,
Has anyone experienced a virus infection that quarantined your scope XITE. exe?
Bit defender just quarantined my scope exe files and shortcuts, both on my main DAW and also on the backup server.
My Scope PCI, Pulsar 2, 32 bit machine is ok (at the moment).
New scans do not find anything now these files are quarantined.
maus

I just sent the infected 'Scope XITE.exe' file to Bitdefender to see if its a false positive.
Will post more details when I get a reply
regards
maus

Doubtful to be concerned about since it has also quarantined the shortcut--this is perhaps due to heuristics (some section of binary code matched a snippit in their test database) or possibly a filename match rather than there being an actual infection. Scope is not very widely used and does things that I'm sure cause it to get flagged for watching due to how much kernel time it will have access to (and take), plus it noted your autorun/task to start Scope as well.

hilarious!

the dangers of experts...

Some scanners use a generic approach to detect variants of existing viruses.
Unfortunately, these often report false positives. ClamAV is one of the worst of them.

You can upload to https://virusscan.jotti.org to get a picture of several virus scanners about the same file.

Nevertheless there are some nasty viruses, that patch every file you click and they often make themself the default program for .lnk, .exe , .com.

Quick update.
Bitdefender is no longer finding SCOPE.exe as viral.
I have not heard back from Bitdefender so I am not sure if they now identify 'scope' as a 'false positive'?
I did find I had a PUP Installer malware issue on my main DAW.
I have now cleaned that out.
Fixing that does not account for Bitdefender finding Scope.exe on my backup server, so it is likely Bitdefender has fixed the issue.
The Backup server (Win 10 machine) also no longer reports issues with scope files.
Just thought I would update this post just in case anyone else has similar issues.
regards
maus

PUP stands for "Potentially Unwanted Program" and just means you installed something that came with a 3rd party payload. Unlikely that it was a virus, and most of the worst PUP apps are gone from the marketplace. These days it's largely Norton "realtime defense" programs that get installed with Flash Player, Daemon Tools's payload and so on.

The PUP installer in question is something put out by Iron Works (whoever they are)
Thanks valis.
maus