I recently downloaded and installed NordLocker from the Nord Account download page. After installation completed I got several alerts saying that malicious activity was detected and blocked. It identified several issues with NordLocker and isolated and quarantined files associated with it. Specifically C:\Program Files\NordLocker FS\unins000.dat and F:\NordLocker\unins000.dat. I installed it on a portable disk drive and was curious as to why the above files referred to C drive and F drive. Other files that were flagged and quarantined were C:\ProgramData\Microsoft\Windows\Start Menu\NordSec\NordLocker.lnk, C:\Program Files\NordUpdater\unins000.dat, and C:\Users\AppData\Local\IsolatedStorage\24crmgtx.jku\hnq10dca.u13\Publisher.hx1nrcf14q4exxmorjpnoblkw34ni0an\identity.dat. It also showed this message in the log:
Feature:
Advanced Threat Defense
Bitdefender detected potentially malicious behavior and blocked all applications involved. Detection ID: SuspiciousBehavior.64146BAE3C107DE6
It also said Nordlocker SysTray.exe was Malware
Is anyone aware of this issue and could this be a false flag? One problem I have now is what to do next? I can't uninstall the program since the uninstall files have been quarantined. Should I create an exception to reactivate these files? If not how do I uninstall the suspect program?
