Hi, I downloaded new version of roguekiller 12.13.6.0, ran it in normal and safe mode and it has not found anything.
Then few hours later, I scanned with it again and it found this:
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1239764888-2148109162-3447206424-1001\Software\Microsoft\Windows\CurrentVersion\Run | Wargaming.net Game Center : "C:\ProgramData\Wargaming.net\GameCenter\wgc.exe" --background '' [7] -> Deleted
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1239764888-2148109162-3447206424-1001\Software\Microsoft\Windows\CurrentVersion\Run | Wargaming.net Game Center : "C:\ProgramData\Wargaming.net\GameCenter\wgc.exe" --background '' [7] -> ERROR [2]
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{438D6068-C8F4-4A4D-9D25-790985B62D50}C:\programdata\wargaming.net\gamecenter\wgc.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\programdata\wargaming.net\gamecenter\wgc.exe|Name=Wargaming.net Game Center|Desc=Wargaming.net Game Center| [7] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{9CA939D7-0F17-47D6-9DB3-25651E0CFE98}C:\programdata\wargaming.net\gamecenter\wgc.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\programdata\wargaming.net\gamecenter\wgc.exe|Name=Wargaming.net Game Center|Desc=Wargaming.net Game Center| [7] -> Deleted
This is probably safe positive,but could you verify it for me please? I am attaching a scan report as well.
Thanks
P.S. There are 4 things found, I was able to delete all 3 except the second one from above. It said error. Is it a problem and may it mean one? Thanks
Topic: Wargaming Suspicious Path found, probably false positive (Read 7611 times)
