Running win 10 home version 20h2 the following folder is taking over 20% of my c: Hello, c:\windows\psexesvc.exe is the executable for the service which psexec runs on the remote machine. Online sandbox report for audit_util.zip, verdict:
LaPorte County Drug Task Force announces 6 arrests for drug, firearms
It seems that malware bytes is taggin this as bad, i saw on another thread this might be a false positive? I tried quarantine but since each backup has a unique string in the file path, it returns each day. @purringtonyes, it should work properly since 7.4.2 (you can use the very fresh 8.0 that we just released this morning):
What does it do, and can i delete it?
Mbam started detecting this around the end of may. Malicious activityany.run is an interactive service which provides full access to the guest system. I could not find the file. Malicious activityany.run is an interactive service which provides full access to the guest.
But i thought on the other thread from a year ago that it was fixed. Usually it's deleted when program/command run by psexec exits. After running spacesniffer on my dell g3, i noticed a huge 14 gigabyte folder whose path was c:\programdata\dell\saremediation\systemrepair. The identified pau is psexec located within the zip wpjcleanup, psexec as well as wpjcleanup are legitimate windows resources, however, have the potential to be exploited.
