Question

win32.hacktool.fullbot in system32

  • 11 April 2019
  • 1 reply
  • 89 views

Hey y'all, this is the first time I've seen anything come up from Webroot.

The files in question are in the Windows/System32/oobe/oem folder, titled as Set_Homepage.exe and SetLockScreen.exe.

Each of them is being read by Webroot as a win32.hacktool.fullbot. What is this and is it safe to simply delete the files there (rarely ever in system32 as I understand)?

Webroot has been unsuccessful in removing the files at all.

Any assistance would be appreciated.

1 reply

Userlevel 7
Hello @Deglorath, Welcome to the Webroot Community Forum. ☺

Please submit a Support Ticket or Contact Webroot Support to sort this problem. This service is FREE with a Paid Subscription.
Support Ticket System is Open 24/7

Note: When submitting a Support Ticket, Please wait for a response from Support. Putting in another Support Ticket on this problem before Support responses will put your first Support Ticket at the end of the queue.

HTH,
Dave.

Reply