Printable Version of Topic

Click here to view this topic in its original format

BleepingComputer.com _ HijackThis Logs and Virus/Trojan/Spyware/Malware Removal _ Combofix.exe

Posted by: taba Jul 6 2007, 03:22 AM

Hi HJT TEAMS MEMBERS,

Scanner results of ComboFix.exe (by virustotal and jotti)


AntiVir: HEUR/Exploit.HTML

eSafe: suspicious Trojan/Worm

Fortinet: Misc/Dumphive

Ikarus: Trojan.Win32.Autoit.D

McAfee: Bat/sdel

Panda: Suspicious file

Sophos: NirCmd

Webwasher: Win32.ModifiedUPX.gen!84 (suspicious)


Sunbelt: VIPRE.Suspicious

A-Squared: Heuristic.Dialer.RAS


Is they false positive?

Thanks for replies...

Best regards...

Posted by: miekiemoes Jul 6 2007, 04:33 AM

Yes, that are false positives. Most Vendors flag the NirCmd.exe that Combofix uses as suspicious.
Nothing wrong with nircmd.exe : http://www.nirsoft.net/utils/nircmd.html

Posted by: taba Jul 6 2007, 05:28 AM

QUOTE(miekiemoes @ Jul 6 2007, 12:33 PM) *
Yes, that are false positives. Most Vendors flag the NirCmd.exe that Combofix uses as suspicious.
Nothing wrong with nircmd.exe : http://www.nirsoft.net/utils/nircmd.html


Thank you very much for a fast answer...

Posted by: miekiemoes Jul 6 2007, 05:29 AM

You're welcome smile.gif

Posted by: miekiemoes Jul 17 2007, 02:29 PM

Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Powered by Invision Power Board (http://www.invisionboard.com)
© Invision Power Services (http://www.invisionpower.com)