Hi HJT TEAMS MEMBERS,
Scanner results of ComboFix.exe (by virustotal and jotti)
AntiVir: HEUR/Exploit.HTML
eSafe: suspicious Trojan/Worm
Fortinet: Misc/Dumphive
Ikarus: Trojan.Win32.Autoit.D
McAfee: Bat/sdel
Panda: Suspicious file
Sophos: NirCmd
Webwasher: Win32.ModifiedUPX.gen!84 (suspicious)
Sunbelt: VIPRE.Suspicious
A-Squared: Heuristic.Dialer.RAS
Is they false positive?
Thanks for replies...
Best regards...
Full Version: Combofix.exe
Yes, that are false positives. Most Vendors flag the NirCmd.exe that Combofix uses as suspicious.
Nothing wrong with nircmd.exe : http://www.nirsoft.net/utils/nircmd.html
Nothing wrong with nircmd.exe : http://www.nirsoft.net/utils/nircmd.html
QUOTE(miekiemoes @ Jul 6 2007, 12:33 PM) 
Yes, that are false positives. Most Vendors flag the NirCmd.exe that Combofix uses as suspicious.
Nothing wrong with nircmd.exe : http://www.nirsoft.net/utils/nircmd.html
Nothing wrong with nircmd.exe : http://www.nirsoft.net/utils/nircmd.html
Thank you very much for a fast answer...
You're welcome 
Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.
Everyone else please begin a New Topic.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.
Everyone else please begin a New Topic.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.