C:users\username\AppData\Local\Temp\RarSFX1/bddeploy.exe

Mark12
Mark12
edited February 2022 in Protection - Malware/ Firmware/etc.
PXL_20220213_214954588.MP.jpg
PXL_20220213_215012361.MP.jpg

I am wondering if Bitdefender has been the victim of a supply chain hack !!

I login into my computer under a non-admin account. When I login, my computer prompts me to enter my admin password to install two files:

C:users\username\AppData\Local\Temp\RarSFX1/bddeploy.exe

C:users\username\AppData\Local\Temp\RarSFX1/installer.exe

The digital certificate for the file appears to be from Bitdefender.

I have attached screen shots !!

The Bitdefender app indicates that it is up to date so it is unclear why there is a file being auto-downloaded to my temp folder trying to auto-execute itself.

Interestingly, when I open my Temp folder to locate the downloaded file in order to scan it, the file folder and file, appear then disappears on its own so it cannot be scanned.

There does not appear to be a way checking the file as it appears that trying to locate it causes the file to disappear. Also no way to send this concern to Bitdefender.

I thought about posting this on youtube.

Any thoughts ?

Bitdefender, please respond

Answers

  • Alexandru_BD
    Alexandru_BD admin

    Hi,

    As specified in the previous thread, this might be an install task that hasn't cleared. Please contact our Technical Support Teams, as they will be able to troubleshoot this and may request some logs in the process. You can get in touch with our engineers by choosing one of the contact methods available here:

    https://www.bitdefender.com/consumer/support/

    Stay safe.

    Premium Security & Bitdefender Endpoint Security Tools user

All Time Leaders

Categories

Defenders of the month