Jump to content
Lesyk009

Winver.exe - False Positive?

Recommended Posts

Got a few computers reporting the following two files as malicious and quarantining them. 

\Windows\SysWOW64\winver.exe

\Windows\winsxs\x86_microsoft-windows-winver_31bf3856ad364e35_6.1.7600.16385_none_b627d45ffdcc6f00\winver.exe

Anyone have the same issues? 

Share this post


Link to post
Share on other sites

Hello, can you post an MBAM log and a copy of the file please? Will need to zip the file to attach it.

Thanks!

 

Share this post


Link to post
Share on other sites

I unfortunately am remote at the moment and have shut down the computers that these were caught on. 

One of these was caught in a windows.old folder so it seems like this should have been caught before if it was a legit issue. 

Share this post


Link to post
Share on other sites

Hi again,

I think we may have found the issue and are in the process of doing an update. I'll let you know when the update is out so you can double check.

 

Share this post


Link to post
Share on other sites

Update has been released that should resolve the issue you are seeing:
MBAM2 Version: v2019.10.16.03
MBAM3 Version: 1.0.12927
 

 

Edited by blender
typo

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.