TDR alert about certutil.exe file


We have received a TDR alert, the details of which are below :

We checked in the path C:\Users\administrator\AppData\Local\Temp\
But we couldn't find the folder \16d5bcc8-ae6e-4622-81ae-81718dfc9bc1\certutil.exe

Is it a false positive or is it a virus ?
Do you have any idea ?



  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Judging by the path it was placed in one of your PCs temp directories and erased automatically.

    If you have an antivirus scanner, it's likely that it also saw the same file and erased it, I'd suggest checking the logs there.

    Without being able to fully analyze the file it's difficult to determine what it actually was.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.