I have a suspected infected file on my system (C:\Windows\System32\wermgr.exe). I suspect that it is infected because it behaves like it is infected. It tries to create lots of .tmp files with random filenames (e.g. C:\Windows\Temp\WER9C1B.tmp, C:\Windows\Temp\WER1AB9.tmp, etc). I’ve seen this happen a lot with other viruses.
Is there a place where I can upload the suspected file to check if its clean or not? It may be that this is a new virus/trojan/whatever that hasnt been picked up yet.
I dont have ANY printers attached to this computer, never have.
How do I check the hash of the file? I have the hash from the VirusTotal website but how do I compare that to the hash of the file on my system?
Also, task manager reports it as “windows error reporting”. Command line is strange, “c:\windows\system32\wermgr.exe” “-outproc” “700” “1172”
It tries to create random files after my computer starts up, eventually gives up after 10 mins or so (I’m using comodo firewall and it reports this as a safe application, but suspicious activity)