Sophos Virus Removal Tool Detects and Removes Computer Threats Including Malware, Viruses, Ransomware, Worms, Trojans and Rootkits. Works Alongside Your Existing Antivirus. NirCmd is classified as such as it can be abused by malware authors. If the use is intended please authorize, either via the quarantine or the Authorization section in the local Sophos client.
What is NIRCMD.exe? NIRCMD.exe is part of NirCmd and developed by NirSoft according to the NIRCMD.exe version information. NIRCMD.exe's description is 'NirCmd'NIRCMD.exe is usually located in the 'C:32788R22FWJFW' folder. Some of the anti-virus scanners at VirusTotal detected NIRCMD.exe. If you have additional information about the file, please share it with the FreeFixer users by posting. Scan your computer with your Trend Micro product to delete files detected as HKTLNIRCMD.GA. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check the following Trend Micro Support pages for more information.
|Antivirus 'False Positive' Problems|
Sometimes Antivirus scanner reports that a program is infected with a Virus or Trojan,even when the program is not really infected with any malicious code.This kind of problem is known as 'False Positive' or 'False Alert',and it's quite a common problem in some of the password recovery tools provided in NirSoft Web site.
The following table contains the latest 'False Positive' problems reported by users of NirSoft utilities. If your Antivirus scanner reports that a program you downloaded from NirSoft is infected with a Virus or Trojan, and that virus/trojan is not listed in the table below, please report about that to [email protected], and specify the name of your Antivirus scanner, and the name of the Virus/Trojan that it detects. It's also recommended to contact your Antivirus company, and ask them to fix this 'False Positive' problem.
Notice: Due to large amount of false positives I receive on daily basis, I decided to stop updating this list.
Instead, I posted this article on my Blog: Antivirus companies cause a big headache to small developers
I hope it'll eventually help me and other developers to decrease the false positives problems.If you want to check the current false positives issues for specific utility, you can use VirusTotal Web site to get virus alerts list in 40 Antivirus programs.
If you want to send a report about a false positive to the Antivirus company, readthe following article that explains how to do it:
How to Report Malware or False Positives to Multiple Antivirus Vendors
|Description||MessenPass||DrWeb antivirus detects MessenPass as infected with Trojan.Inject.4580||01/12/2008|
|ProduKey||AVG McAfee VirusScan Enterprise 8.50 detect ProduKey as infected with Generic PWS.y (Trojan)||26/10/2008|
|WebVideoCap||AVG detect WebVideoCap as Trojan Horse Proxy.XJS.||12/01/2008|
|ProduKey||Symantec Antivirus detect ProduKey utility as 'Security Assessment Tool'.||07/12/2007|
|IE PassView||AVG AntiSpyware reports that iepv.exe isinfected with Dropper.Agent.IU||03/09/2007|
|Protected Storage PassView||Trojan Hunter reports that Protected Storage PassView is infected with PWSteal.ICQSmiley.102||14/06/2007|
|ShellExView||Bitdefender reports that ShellExView is infected with [email protected]||04/04/2007|
|CurrPorts||Norton Antivirus Corporate reports that CurrPorts utility is infected with backdoor.trojan||05/02/2007|
|Network Password Recovery||Trend Micro Antivirus reports that netpass.exe is infected with PE_Generic virus.||05/02/2007|
|Network Password Recovery||McAfee VirusScan Enterprise reports that Network Password Recovery utilityis infected with PWCrack-NetPass.||22/12/2006|
|Protected Storage PassView||BitDefender 8 reports that Protected Storage PassView is infected with Trojan.PWS.Iqsmile.A||06/09/2006|
|IPNetInfo||Trend Micro Antivirus detect IPNetInfo utility as a keylogger.||12/05/2006|
|Mail PassView||AVG 7.1 Pro Antivirus reports that Mail PassView is infected with 'BackDoor.Generic2.Joo' trojan.||02/03/2006|
|Protected Storage PassView||Bitdefender 8.x/9.x antivirus reports that Protected Storage PassView is infected with Application.passview.A||05/01/2006|
|Protected Storage PassView||AVG Antivirus reports that Protected Storage PassView is infected with Downloader.Generic.KZA Trojan||13/12/2005|
|Protected Storage PassView||Norton Antivirus Corporate Edition identifies Protected Storage PassView as Hacktool.Passreminder.||17/11/2005|
|Protected Storage PassView||NOD32 Antivirus (v2.50) detect Protected Storage PassView as Win32/PassView.1_62.||23/09/2005|
|IconsExtract||McAfee VirusScan detects IconsExtract as infected with PassDump.b Trojan.||23/06/2005|
|StartupRun||'Spybot Search And Destroy' reports that StartupRun utility is a malware.||09/12/2004|
|Dialupass||Norton Anti-Virus reports that dialupass.exe is infected with PWSteal.Trojan||09/09/2004|