BitDefender collateral damage?

Cocohurtz

(for any tech support reading this, there's already a ticket open - number 2017110902440003 - I was just told that because it was free, the forums was my best bet for an answer)


I was downloading some software (that, while I knew would be flagged down by the antivirus and would need to be excluded, I knew were safe files from a safe source). Specifically, game trainers that modify software memory.


However, in the aftermath of BitDefender trying to intercept it, it also quarantined the following completely unrelated and safe items:


-firefox.exe and pingsender.exe from Program Files (x86)/Mozilla Firefox. It attempted this at least 5 times.

-The shortcut .lnk files to Firefox

-cmd.exe in Windows/SysWOW64. I don't even know why.

-A save file, and backup save file, from the game I was downloading software from.

-Several profile/cache files from the Firefox app data folders.

-conhost.exe from Windows/System32 (!!!) (it attempted this twice)


Anyone ever saw anything like this? Or could have any clues as to what's going on?

Roxana G

Hello,

We suspect that when you have downloaded the trainer, you ran the software or it ran in the background.

-firefox.exe and pingsender.exe from Program Files (x86)/Mozilla Firefox. It attempted this at least 5 times. - the program was probaby ran automatically and tried to inject some proceeses into these processes , most likely adware

-The shortcut .lnk files to Firefox - tried to modify the link to launch something malicious

-cmd.exe in Windows/SysWOW64. I don't even know why. - injected some malicious processes

-A save file, and backup save file, from the game I was downloading software from. - this was probably the only legit process of the trainer

-Several profile/cache files from the Firefox app data folders. - injected some malicious proceses into cache files

-conhost.exe from Windows/System32 (!!!) (it attempted this twice) - tried to modify some processes

 

These processes were not deleted. They were only blocked.