Verifying if hkcmd.exe is a false positive

Discussion in 'ewido anti-spyware forum' started by Cgands, Mar 21, 2008.

Thread Status:
Not open for further replies.
  1. Cgands

    Cgands Registered Member

    Joined:
    Mar 21, 2008
    Posts:
    1
    Hello,

    I had a run in with some trojans yesterday, and went on a bit of a witch hunt. I think I got everything, but I can't tell if a few things that popped up are legit or not. I opened up hkcmd.exe in notepad, and was horrified to see ~2000 lines of this stuff:

    ¶ÃŠA#Æ…Àtƒ}üs‹EôÿEü€ë0ÿEôÿMøˆŠGë¹€û+„
    ÿÿÿ€û-„ÿÿÿéÕþÿÿ9žA

    Am I safe in assuming that it's a virus, or is that normal looking for an Intel file? One of the oddest parts was that way down at the bottom, there was a bit in english, but it said stuff about loading Microsoft runtimes, and copyright Microsoft.. What do you think?
     
    Cgands, Mar 21, 2008
    #1
  2. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    Try uploading it to Virustotal and see what they say. It gets scanned by about 32 different products :)

    http://www.virustotal.com/
     
    lordpake, Mar 21, 2008
    #2
  3. karl.ewido

    karl.ewido former ewido team

    Joined:
    Dec 9, 2005
    Posts:
    236
    Location:
    Germany
    karl.ewido, Mar 22, 2008
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...