TDR alert about certutil.exe file

ABIDIMOHAMEDALIABIDIMOHAMEDALI
in TDR - General Questions

Hello,

We have received a TDR alert, the details of which are below :

We checked in the path C:\Users\administrator\AppData\Local\Temp\
But we couldn't find the folder \16d5bcc8-ae6e-4622-81ae-81718dfc9bc1\certutil.exe

Is it a false positive or is it a virus ?
Do you have any idea ?

Thanks.

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @ABIDIMOHAMEDALI
    Judging by the path it was placed in one of your PCs temp directories and erased automatically.

    If you have an antivirus scanner, it's likely that it also saw the same file and erased it, I'd suggest checking the logs there.

    Without being able to fully analyze the file it's difficult to determine what it actually was.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.