Posted 17 January 2013 - 04:21 PM
Just to start, I have been using Combofix for several years, successfully removing malware that no other software could detect (nor remove so quickly and effectively). So I'm not a newbie or neophyte when it comes to malware removal.
I've run into a situation where Combofix is detecting a legitimate veterinary software as a malware. I was able to restore the software files from quarantine so no big deal, but I'm wondering how to report a false positive to the author of Combofix. After searching through Bleepingcomputer.com, it appears this is the best way to communicate with Combofix's author. But please point me in the right direction if I am mistaken.
I've had this happen twice now, a few months apart, so I don't think it is an isolated incident. And I don't think that Combofix is legitimately removing an infected file because it removes the entire directory (after removing every single subdirectory and every single file).
Here is the directory that Combofix detects as malware:
C:\Program Files (x86)\AdVantage\
Both incidents have been on Windows 7 Professional 64-bit
I'm guessing that there must be a malware with the name of "advantage" that Combofix is confusing with the legitimate veterinary software of the same name.
Any help anyone can provide in providing this information to the Combofix author or pointing me in the right direction would be appreciated!