Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

False positive - Seventeen or Bust


  • Please log in to reply
2 replies to this topic

#1 Chaky

Chaky

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:12 AM

Posted 13 January 2010 - 06:56 AM

I've just ran Combofix on my PC (XP Pro, 32bit, SP3) and it deleted the installation of "Seventeen or Bust" software. That software is legit and is used to calculate prime numbers. Not malware.

Here's a clip of the log

-snip
Other Deletions

c:\program files\SB
c:\program files\SB\Readme.txt
c:\program files\SB\ReadMe9X.txt
c:\program files\SB\ReadMeNT.txt
c:\program files\SB\sb.exe
c:\program files\SB\sb.log
c:\program files\SB\sobsvc.exe
c:\program files\SB\sobsvc9x.exe
c:\program files\SB\uninst.exe
-snip-

(I don't see viruses with readmes too often)

I believe that the root of the problem is folder's name. It must got confused with "Program files\sb.dat" (or similar). I saw that name in several posted combo logs.

Edited by Chaky, 13 January 2010 - 05:27 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,968 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:12 PM

Posted 13 January 2010 - 12:47 PM

Please note the message text in blue at the top of the Am I infected? What do I do? forum.

No one should be using ComboFix unless instructed to do so by a Malware Removal Expert. Please read the pinned topic ComboFix usage, Questions, Help? - Look here.

With that said, the developer has been advised and I will move this thread to a more appropriate forum.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Chaky

Chaky
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:12 AM

Posted 13 January 2010 - 05:26 PM

Well, I like to live dangerously. :thumbsup:

I'm not a noob when it comes to PCs (unlike with this forum, heh) and I am using Combofix on the regular basis. Never gave me any trouble. Quite the contrary. Once it rid me of some trojan (Vundo, I think) that killed my firewall, AV software, ability to boot into safe mode... (that's what happens when you press "enter", instead of "delete" on obvious malware.. :flowers: ).

Suffice to say that I was just about to format my drive when I gave Combofix a try. (On my own. I haven't posted anything here nor anywhere else a support request)

P.S.
No malware can screw up OS as efficiently as I can with my poking around the areas where I poking only brings trouble. That's how I've learned my trade. :trumpet:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users