Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Where is COMBOFIX bug submitting?


  • Please log in to reply
7 replies to this topic

#1 PCuser32

PCuser32

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:16 AM

Posted 01 October 2010 - 09:31 AM

Strangely but COMBOFIX its remove MCE remote volume control
I restored MCE remote volume control by system restore

BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,092 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:16 AM

Posted 01 October 2010 - 11:17 AM

Hello, I'm glad to hear you got things sorted out yourself, however, I want to caution you not to run Combofix unsupervised, just to avoid this kind of problem.

Would you have been running this instructed by someone trained to use Combofix, you would have been able to recover the application without a system restore.

To report this, I would need to see the exact file/folder names of what was deleted.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 PCuser32

PCuser32
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:16 AM

Posted 01 October 2010 - 12:31 PM

Its ok, I pc technician so run combofix a lot times in my work
But this time its personal PC in my home

When I run combofix first time its find and remove viruses
after restart with combofix log, I find that in MCE remote everything working except volume
I run system restore that fix volume buttons problem

after 6 days I run combofix again and its find nothing but disable MCE remote volume control again
and run system restore again

Edited by elise025, 01 October 2010 - 01:21 PM.
Logs removed so topic can stay here


#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,092 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:16 AM

Posted 01 October 2010 - 01:27 PM

Hi, I removed the logs, since they are not allowed in this forum. This is indeed a false positive detection. I will notify the developer with a copy of the detection.

See here for information about the service that combofix deleted: http://www.bleepingcomputer.com/startups/h....sys-24605.html

I am not sure how this is related to your volume problems, but it seems to be a legit service.

Edited by elise025, 01 October 2010 - 01:28 PM.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,092 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:16 AM

Posted 01 October 2010 - 03:18 PM

Hi, this detection ought to be fixed in a short while. :thumbsup:

As a side note, for everyone who is reading this, it really is not recommended to run Combofix unless trained to use it or instructed by someone who is.
The reason is that Combofix is a very powerful tool and sometimes things may go wrong, causing issues like the one addressed in this topic, or even worse, causing serious problems like your computer no longer booting successfully.
If such a thing happens for example when getting help in a malware removal forum, the helper who instructed you to run Combofix, will be able to help you recover the system.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 PCuser32

PCuser32
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:16 AM

Posted 02 October 2010 - 03:16 AM

Yes I can confirm as many times I run combofix in my work
1% of the runs get wrong like: cannot log in to user account, windows ended with blue screen, corrupted/disabled network
everything deleted from desktop, windows not genuine message(because combofix delete windows crack) and so on ...

#7 Xebozone

Xebozone

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 03 June 2012 - 06:05 AM

Sorry to open an old thread, but I think I found another false-positive for a program called LINE
http://line.naver.jp/en/
A multi-platform messenger app. I'm not sure why it deleted it, but I'm convinced it is safe.

Edited by Xebozone, 03 June 2012 - 07:28 AM.


#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,092 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:16 AM

Posted 03 June 2012 - 10:43 AM

Thank you, I reported this to the developer.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users