Combofix.exe pickedup by Antivirus software

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by LNX, Sep 5, 2008.

  1. LNX

    LNX Private E-2

    Hello,

    I've been having a interesting experience were my anti-virus software has been picking up Combofix.exe as a virus. I was wondering if anyone else has been having this problem.

    I was using AVG 8 but switched to Avira AntiVir Personal for other reasons.

    Both detected it.

    Here's what Avira AntiVir Personal said:

    E:\A&M Cleanup\ComboFix\ComboFix.exe
    [0] Archive type: RAR SFX (self extracting)
    --> 327882R2FWJFW\NirCmd.cfexe
    [DETECTION] Contains recognition pattern of the APPL/NirCmd.E.2.B application
    --> 327882R2FWJFW\nircmd.com
    [DETECTION] Contains recognition pattern of the APPL/NirCmd.E.2.B application
    --> 327882R2FWJFW\NirCmdC.cfexe
    [DETECTION] Contains recognition pattern of the APPL/NirCmd.E.1.B application
    --> 327882R2FWJFW\psexec.cfexe
    [1] Archive type: RSRC
    --> Object
    [DETECTION] Contains recognition pattern of the APPL/PsExec.E application
    [WARNING] The file was ignored!

    Is this a false positive or is there really something harmful hidden in Combofix.exe.
     
    LNX, Sep 5, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    They are false positives. Those programs used by ComboFix are valid programs.

    See:http://www.nirsoft.net/utils/nircmd.html

    And psexec.exe is a program from SysInternals which is part of Microsoft. See: http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx

    Why do you have ComboFix on your PC anyway? It is not something you should be using on your own and there is no sense keeping it around after using under expert directions to remove malware. It should be uninstall after cleanup has been completed. It also has expiration dates.
     
    chaslang, Sep 6, 2008
    #2
  3. LNX

    LNX Private E-2

    Well aware of that. Thank you again for clarifying that.:)
     
    LNX, Sep 7, 2008
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
    chaslang, Sep 7, 2008
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds