• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Browser executable "blacklisted" after Bitdefender deleted it

Mayonnaise

New Member
Joined
Aug 16, 2023
Messages
11 (0.05/day)
I use Bitdefender Internet Security on Windows 11, and some time ago it happened to detect a threat while I browsed a site with the Librewolf browser. As a part of the disinfection, Bitdefender decided to delete the browser's executable file. After that, I simply have not been able to re-install the browser in the same path as before, since any attempts to write LibreWolf.exe in the same file path are simply denied, and an error message saying the system wasn't able to copy the file is shown. I have tried adding the folder to bitdefender's exclusions, but it didn't seem to help. It seems to have maybe altered something with the operating system itself?

I have ran out of ideas of what to do, and haven't found this exact case searching around, so I decided to ask here in hopes of clues of what might have happened.
 
Joined
Nov 4, 2005
Messages
11,674 (1.73/day)
System Name Compy 386
Processor 7800X3D
Motherboard Asus
Cooling Air for now.....
Memory 64 GB DDR5 6400Mhz
Video Card(s) 7900XTX 310 Merc
Storage Samsung 990 2TB, 2 SP 2TB SSDs and over 10TB spinning
Display(s) 56" Samsung 4K HDR
Audio Device(s) ATI HDMI
Mouse Logitech MX518
Keyboard Razer
Software A lot.
Benchmark Scores Its fast. Enough.
Can you browse to the folder location, after going to View in File Explorer and making sure Show Hidden files and File extensions are checked, take a screen shot and post it?
 
Joined
Feb 20, 2020
Messages
9,340 (6.16/day)
Location
Louisiana
System Name Ghetto Rigs z490|x99|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor 10900k w/Optimus Foundation | 5930k w/Black Noctua D15
Motherboard z490 Maximus XII Apex | x99 Sabertooth
Cooling oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block | Blk D15
Memory Trident-Z Royal 4000c16 2x16gb | Trident-Z 3200c14 4x8gb
Video Card(s) Titan Xp-water | evga 980ti gaming-w/ air
Storage 970evo+500gb & sn850x 4tb | 860 pro 256gb | Acer m.2 1tb/ sn850x 4tb| Many2.5" sata's ssd 3.5hdd's
Display(s) 1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case D450 | Cherry Entertainment center on Test bench
Audio Device(s) Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply EVGA 1000P2 with APC AX1500 | 850P2 with CyberPower-GX1325U
Mouse Redragon 901 Perdition x3
Keyboard G710+x3
Software Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores Are in the benchmark section
Hi,
What path exactly ?

Seems you should be asking bitdefender support I mean you do pay for it right :/
 

95Viper

Super Moderator
Staff member
Joined
Oct 12, 2008
Messages
12,667 (2.24/day)
Bing AI recommends:

It appears that Bitdefender has taken action against a browser executable, causing it to be blacklisted. Let’s explore some steps to address this issue:
  1. Add an Exception:
    • Bitdefender allows you to exclude specific files or folders from antivirus scans. To add an exception for the browser executable, follow these steps:
      1. Click Protection in the Bitdefender interface.
      2. In the Antivirus pane, click Open.
      3. Access the Settings tab and click Manage Exceptions.
      4. Click + Add an Exception.
      5. Enter the path of the browser’s executable file (with the .EXE extension) in the corresponding field.
      6. Alternatively, use the magnifying glass icon to browse your computer and select the executable file.
      7. Turn on the switch next to Antivirus and click Save1.
  2. Submit a Request to Bitdefender Labs:
  3. Temporary Access:
Remember to exercise caution when adding exceptions, ensuring that you trust the website or application. If you encounter any issues, consider reaching out to Bitdefender support for further assistance. ️

I am not big on AI, however, it gave some sound advice...
 

Mayonnaise

New Member
Joined
Aug 16, 2023
Messages
11 (0.05/day)
Can you browse to the folder location, after going to View in File Explorer and making sure Show Hidden files and File extensions are checked, take a screen shot and post it?
In my attempt to recover my browsing session I ended up completely erasing the original folder, now I have LibreWolf installed in a folder at the drive root as C:/LibreWolf. The original folder was inside ProgramFiles, and even attempting to drag the librewolf executable file inside the folder (which still contained all the other files apparently) would result in the same error

Bing AI recommends:

It appears that Bitdefender has taken action against a browser executable, causing it to be blacklisted. Let’s explore some steps to address this issue:
  1. Add an Exception:
    • Bitdefender allows you to exclude specific files or folders from antivirus scans. To add an exception for the browser executable, follow these steps:
      1. Click Protection in the Bitdefender interface.
      2. In the Antivirus pane, click Open.
      3. Access the Settings tab and click Manage Exceptions.
      4. Click + Add an Exception.
      5. Enter the path of the browser’s executable file (with the .EXE extension) in the corresponding field.
      6. Alternatively, use the magnifying glass icon to browse your computer and select the executable file.
      7. Turn on the switch next to Antivirus and click Save1.
  2. Submit a Request to Bitdefender Labs:
  3. Temporary Access:
Remember to exercise caution when adding exceptions, ensuring that you trust the website or application. If you encounter any issues, consider reaching out to Bitdefender support for further assistance. ️

I am not big on AI, however, it gave some sound advice...
I tried adding the folder as an exception and that did not work. If it did, it wouldn't be a good idea to run the browser with it being in the exceptions list either, since it would prevent antivirus action on any kind of attack happening while browsing or downloading files. Which ironically is what got me into this situation, I guess.
As for points 2 and 3, the ai seems to have misunderstood the issue, as it's not a problem i'm having with acessing any specific website.
 
Joined
Feb 20, 2020
Messages
9,340 (6.16/day)
Location
Louisiana
System Name Ghetto Rigs z490|x99|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor 10900k w/Optimus Foundation | 5930k w/Black Noctua D15
Motherboard z490 Maximus XII Apex | x99 Sabertooth
Cooling oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block | Blk D15
Memory Trident-Z Royal 4000c16 2x16gb | Trident-Z 3200c14 4x8gb
Video Card(s) Titan Xp-water | evga 980ti gaming-w/ air
Storage 970evo+500gb & sn850x 4tb | 860 pro 256gb | Acer m.2 1tb/ sn850x 4tb| Many2.5" sata's ssd 3.5hdd's
Display(s) 1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case D450 | Cherry Entertainment center on Test bench
Audio Device(s) Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply EVGA 1000P2 with APC AX1500 | 850P2 with CyberPower-GX1325U
Mouse Redragon 901 Perdition x3
Keyboard G710+x3
Software Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores Are in the benchmark section
Hi,
Ever think to uninstall and reinstall in a normal fashion yeah program files or program files x86 would be normal

You're acting like this browser is a portable in that you can put the browser.exe anywhere you want to and it just doesn't need to installed anything :fear:

Or it's installed and you want to Move the exe file somewhere else instead of a shortcuts from program files ... :/
 
Joined
Jul 13, 2016
Messages
2,826 (1.00/day)
Processor Ryzen 7800X3D
Motherboard ASRock X670E Taichi
Cooling Noctua NH-D15 Chromax
Memory 32GB DDR5 6000 CL30
Video Card(s) MSI RTX 4090 Trio
Storage Too much
Display(s) Acer Predator XB3 27" 240 Hz
Case Thermaltake Core X9
Audio Device(s) Topping DX5, DCA Aeon II
Power Supply Seasonic Prime Titanium 850w
Mouse G305
Keyboard Wooting HE60
VR HMD Valve Index
Software Win 10
Well there's a simple way to determine if Bitdefender altered something in the OS or not, uninstall the program, shut down and cold start the PC, and see if the issue persists. If you don't get the issue after the uninstall then bitdefender didn't alter anything in the OS. If the issue persists after uninstall it could still be lingering files left by bitdefender (unlikely) or it could be a windows or file system corruption error.

Bitdefender and other anti-virus software use a kernel level driver that operates at the same security privilege level as the windows kernel. This means it can act outside of windows observation and controls. Your error message may be caused by Bitdefender intercepting and deleting the file before windows ever gets it's hands on it. It's a protection feature to prevent viruses and malware from spreading but can be a problem if not properly disclosed to the end user as often windows has no idea the anti-virus has done anything.

That including the folder in the exclusion list didn't help is problematic. You may want to try excluding the exe as well: https://www.bitdefender.com/consumer/support/answer/2393/

Also, I'm not sure if Bitdefender let's you reverse actions from it's action log but that's a good place to check to see what exactly bitdefender did, assuming their logging is robust.
 
Joined
Jan 8, 2017
Messages
8,924 (3.36/day)
System Name Good enough
Processor AMD Ryzen R9 7900 - Alphacool Eisblock XPX Aurora Edge
Motherboard ASRock B650 Pro RS
Cooling 2x 360mm NexXxoS ST30 X-Flow, 1x 360mm NexXxoS ST30, 1x 240mm NexXxoS ST30
Memory 32GB - FURY Beast RGB 5600 Mhz
Video Card(s) Sapphire RX 7900 XT - Alphacool Eisblock Aurora
Storage 1x Kingston KC3000 1TB 1x Kingston A2000 1TB, 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) LG UltraGear 32GN650-B + 4K Samsung TV
Case Phanteks NV7
Power Supply GPS-750C
Unpopular opinion, third part anti virus software is not needed and will only cause you headaches, windows defender is enough.
 
Joined
Feb 20, 2020
Messages
9,340 (6.16/day)
Location
Louisiana
System Name Ghetto Rigs z490|x99|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor 10900k w/Optimus Foundation | 5930k w/Black Noctua D15
Motherboard z490 Maximus XII Apex | x99 Sabertooth
Cooling oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block | Blk D15
Memory Trident-Z Royal 4000c16 2x16gb | Trident-Z 3200c14 4x8gb
Video Card(s) Titan Xp-water | evga 980ti gaming-w/ air
Storage 970evo+500gb & sn850x 4tb | 860 pro 256gb | Acer m.2 1tb/ sn850x 4tb| Many2.5" sata's ssd 3.5hdd's
Display(s) 1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case D450 | Cherry Entertainment center on Test bench
Audio Device(s) Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply EVGA 1000P2 with APC AX1500 | 850P2 with CyberPower-GX1325U
Mouse Redragon 901 Perdition x3
Keyboard G710+x3
Software Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores Are in the benchmark section
Unpopular opinion, third part anti virus software is not needed and will only cause you headaches, windows defender is enough.
Hi,
Seems more like the op is doing something they should not be doing hehe
 
Joined
Apr 18, 2019
Messages
1,957 (1.07/day)
Location
Olympia, WA
System Name Sleepy Painter
Processor AMD Ryzen 5 3600
Motherboard Asus TuF Gaming X570-PLUS/WIFI
Cooling FSP Windale 6 - Passive
Memory 2x16GB F4-3600C16-16GVKC @ 16-19-21-36-58-1T
Video Card(s) MSI RX580 8GB
Storage 2x Samsung PM963 960GB nVME RAID0, Crucial BX500 1TB SATA, WD Blue 3D 2TB SATA
Display(s) Microboard 32" Curved 1080P 144hz VA w/ Freesync
Case NZXT Gamma Classic Black
Audio Device(s) Asus Xonar D1
Power Supply Rosewill 1KW on 240V@60hz
Mouse Logitech MX518 Legend
Keyboard Red Dragon K552
Software Windows 10 Enterprise 2019 LTSC 1809 17763.1757
While it is possibly 'falsely flagging' the 'fresh' executable...
Years of 'Tech Services' work tells me to suspect a rootkit.

At least XP-7 era, it was very common for rootkits, trojans, etc. to immediately re-infect a browser .exe upon reinstall.



IMO, if there is a rootkit involved
"write-off" everything on the drives, use a CD/DVD Read-Only Media OS installer and run DiskPart "CLEAN ALL" on the disks. Note: there are better bootable tools for such; I merely prefer '1st party' options, if workable
(It will take awhile, it's a full format + single-pass 0-write.)
These days, I'm not sure if a rootkit can infect more hidden places on a SSD/HDD or in UEFI. So, further mitigations may be required.

If there is an actual rootkit, worm, etc. involved, you'll need to go over every other device on your LAN w/ a fine-toothed comb, too.
 
Top