Bitdefender keeps picking up Windows/ Microsoft services to be malicious!

[Brandon_140]

Hello, I have Bitdefender Total Security 2018 and my Advanced Threat Defense keeps blocking malicious attacks from 2 windows services, wscript.exe and rundll32.exe located in System 32 rundll32. I was wondering if anybody would be able to tell me if these files are actually malicious, could they have been infected with a virus? Should i delete them? I don't know what to do but i know that Bitdefender is a pretty good and widely used antivirus and its detecting them to be malicious.

 

[Rogue Leader]

Hello, I have Bitdefender Total Security 2018 and my Advanced Threat Defense keeps blocking malicious attacks from 2 windows services, wscript.exe and rundll32.exe located in System 32 rundll32. I was wondering if anybody would be able to tell me if these files are actually malicious, could they have been infected with a virus? Should i delete them? I don't know what to do but i know that Bitdefender is a pretty good and widely used antivirus and its detecting them to be malicious.

Definitely do not delete them. However yes they very well could be infected. I suggest doing a full system scan with Bitdefender from Safe Mode in Windows and see what happens.

 

[why_wolf]

Those are normal functions but they can of course be hijacked to mask a malicious application. http://deletemalware.blogspot.com/2013/06/what-is-wscriptexe-and-how-to-remove-it.html
https://www.howtogeek.com/howto/windows-vista/what-is-rundll32exe-and-why-is-it-running/

 

[t53186]

Report that to bitdefender and do not delete. wscipt is the script engine, rundll32 allows programs to dll's. It is however possible that a virus or malware could use either of those safe programs to run it's malicious mischief, so reporting that to bitdefender is wise.

 

[Doctor Rob]

I had a similar issue with bitdefender years ago.. had to stop using them being that ever few months they would send out a update that would kill the PC it was on (NOT all of them.. just the dell manufactured ones.. NO idea why) but at least for me when I had it at an old company I worked at the antivirus would ONLY mess up the dell computers we had in the office. the custom PCs and others didn't have an issue. SO I stopped using bitdefender. (just an FYI on one of the Dells I had fully cleaned and installed a new copy of windows though that was back in the Vista business days / and some used XP as well).

 

[bitdefender.]

Hello, I have Bitdefender Total Security 2018 and my Advanced Threat Defense keeps blocking malicious attacks from 2 windows services, wscript.exe and rundll32.exe located in System 32 rundll32. I was wondering if anybody would be able to tell me if these files are actually malicious, could they have been infected with a virus? Should i delete them? I don't know what to do but i know that Bitdefender is a pretty good and widely used antivirus and its detecting them to be malicious.

Hi. Can you please attach here some screenshots from ATD > Threat Defense? It would help to see the history from there, as a staring point to help you. Thank!