backdoor.win32.ircbot quarantine failed

Hi. I am running Windows 7 RC, with Comodo Internet Security. Today it detected ‘Backdoor.WIN32.IRCBot.~OAB@22652972’ in file ‘C:\Windows\System32\wermgr.exe’. I selected the quarantine option, Comodo required a reboot to do it… upon reboot, a message came that the quarantine failed.

I have scanned the file and folder with Comodo, Windows Defender, and submitted the file to for online scanning - all scans show it is clean. Yet… the quarantine failed… I am not sure if I am infected or now, and what to do next?

Thanks for any help!


Welcome. :slight_smile:

This looks like a false positive. ‘wermgr.exe’ located in ‘system32’ is part of Windows Problem Reporting.

Let the analysists look into this. :wink:

Hi, erikman

Please follow the steps described in the following link so we can check the file:


OK - Done.