1

I was just trying to open a .txt file and when I clicked on it, it asked me to choose a program to open the file with. I clicked on the app and the box disappeared. I tried it multiple times and after 4 times, I could finally set Notepad as my default .txt file editor. But when I looked at the log of Bitdefender, it said it had blocked an Injection with the message below:

Injection detected as Gen:Variant.Bulz.185472 was performed by C:\Windows\System32\OpenWith.exe and was blocked. Your device is safe.

Is it a false positive? Or is it something else? By the way, I'm using Windows 11.

UPDATE: I also did a C Drive scan, and it detected nothing suspicious.

UPDATE 2: Bitdefender logged the injection each time I clicked the file and tried to set the default viewer.

MBiabanpour
  • 125
  • 5

1 Answers1

1

I just tested my own C:\Windows\System32\OpenWith.exe with Virus Total and it generated this report, where none of the antivirus engines detected it as a virus, including BitDefender. You could verify that you're using the latest virus definitions and try again.

If the problem isn't solved by the latest virus definitions, I suggest to use Virus Total to upload and test your own OpenWith.exe. If you get the same results as me, then this is just a false positive.

However, if any one engine found it as infected, then see the post How can I remove malicious spyware, malware, adware, viruses, trojans or rootkits from my PC?

Note: In case the above error is misleading, it's possible that BitDefender is not detecting OpenWith.exe as a virus, but rather the application you're using to open the file with. So test this application in the same way.

harrymc
  • 455,459
  • 31
  • 526
  • 924