Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

Systinternals TCPView (Tcpvconv.exe) false positive


Ransom
 Share

Recommended Posts

Tcpvconv.exe, part of the Windows Sysinternals utility TCPView, is being detected on my system as "Trojan.Sharik.VX".

 

It's available here: http://technet.microsoft.com/en-us/sysinternals/bb897437

Or as part of the Sysinternals Suite: http://technet.microsoft.com/en-us/sysinternals/bb842062

 

The file does not appear to have changed since 2010.

It is detected while in the orginal .ZIP files from Sysinternals as well as after it is extracted.

 

VirusTotal results: https://www.virustotal.com/en/file/c9c3f0c4e7519d3a1f4ca427635f994a06613e94cb049f48c10151fab8888183/analysis/1416901028/

 

I have attached the .ZIP from Sysinternals and the scan log for the extracted contents.

tcpconv_mbam-log-2014-11-25.txt

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.