Jump to content

Recommended Posts

I think MBAM just got me a false positive result.After  a threat scan it found that the registry \HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run|Windows Update with data on C:\Users\wcwra\AppData\Local\Microsoft Windows|svchost.exe is a backdoor.bot,I went to the folder and it was empty,just a svchost.exe.config.

 

backdoor.txt

Share this post


Link to post
Share on other sites

Hello,

This doesn't look like a False Positive. MalwareBytes is detection both files and registry entries. Having no file in that folder means that it was probably deleted by some antivirus/anti-malware software.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.