Hi,
I would like to ask for your help and comments.
I often get notifications that Backdoor.Agent.MSIL was quarantined on some of PCs in my company. With 2 PCs it happens every day, with the rest less often. I checked these computers with SCCM endpoint, Malwarebytes Endpoint - both found no issues, cleared cache in all web browsers and temp files but I still get a same warning, also checked file server which these PCs are connected to. Please, could you advise where to look for a reason of that? Is this false positive warning or there is really a backdoor found and blocked by malwarebytes Endpoint while opening files or browsing internet?
Thank you in advance.
Warning message:
Notification Catalog: Client
Description:
Malware threat detected, see details below:
2016-09-22 09:05:46 xsxxxxxxx016 10.35.xxx.xxx Backdoor.Agent.MSIL Quarantined C:\Users\xxxxxxxxx\AppData\Local\Temp\.tmp
Total count: 1.