Author Topic: Virus or false positive in Windows Server 2012  (Read 761 times)

Offline white31

  • Comodo Family Member
  • ***
  • Posts: 92
Virus or false positive in Windows Server 2012
« on: January 29, 2017, 07:21:02 AM »
Hi, CIS resently founds 2 malware in Win Server 2012 Standard R2 clean installation. It's powercfg.exe in the locations:
F:\Windows\SysWOW64 and
F:\Windows\WinSxS\x86_microsoft-windows-p..nfiguration-cmdline_31bf3856ad364e35_6.3.9600.16384_none_9dfb7cbe9c58b9a6
Im not sure about this now. I have scanned these locations with Emsisoft Emergency Kit, DrWebCureIt and Spybot S&D but they didn't confirm the same existence. I'm not allowed to install any other scanners (like Malwarebytes) because that PC is at my workplace.
The problem is that I can neither upload powercfg.exe to VirusTotal or Comodo Valkyrie because it does not allow me, nor copy it to any other place, says: "File access denied. you require permission from Trustedinstaller..." and I don't want to change permissions of the file.

Any suggestions?


 

Seo4Smf 2.0 © SmfMod.Com Smf Destek