Registry mechanic a trojan??

Once I installed CAVS it detected a Trojan and quarantined it but it was regmech.exe and it says the Trojan is backdoor.win32.rbot.afa

This is surely just a false positive right because registry mechanic isn’t a Trojan.


If you suspect it’s a false positive can you submit the file to Comodo through the quarantine section. You should be aware malware does often use seemingly normal names like these in an attempt to fool the user, so it may not be a false positive.

I’d recommend scanning it here to see results from other AV vendors:


I used virus total and it found nothing wrong with it.

I had already removed it from quarantine to use virus total so i can’t submit it. When i scanned the file comodo anti-virus found nothing wrong this time which I suppose is a bit weird but at least it won’t put it in quarantine again.

Ok, looks like it’s already been removed then. You can submit a file that isn’t in quarantine by going to quarantine section (open CAVS>>select quarantine) then selecting the submit files button at the bottom.


Registry mechanis is not a trojan, but you can find some suposed craks that are.
Norton anti-virus can’t find it, but spyware doctor can remove it from XP system.

Thanks i didn’t realise you could do that.

Ok, glad I could help. :slight_smile: