Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

[CONCERN] Aw, Combofix...


  • Please log in to reply
9 replies to this topic

#1 Geek Boy

Geek Boy

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 18 August 2013 - 06:55 PM

Combofix, it is not necessary to delete files like FeedNotifier and ExpanDrive 2/3.
 
everytime i run Combofix and it delete ExpanDrive.exe and FeedNotifier so i had to re-install them again when I use this.  I hope it FeedNotifier and ExpanDrive is false positive and add to Combofix's whitelist asap please :)
 
http://www.expandrive.com
http://www.feednotifier.com
 
those 2 above is not malware or virus it just server hard drive and RSS Reader client that's all.
 
 
Regardings,
       theluckyman

Edit: Moved topic from Am I infected? What do I do? to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:36 AM

Posted 19 August 2013 - 10:17 AM

If you believe the detection is a "false positive", the developer (sUBs) will need a sample of the file(s) so he can investigate. Please submit (upload) a copy to this Submit Malware Sample page.
  • Fill in the requested information.
  • Zip the file using a zipping program (i.e. 7-zip, WinRAR).
  • Click the Browse... button and navigate to the location of the file.
  • Click on the file to highlight it and choose Open.
  • Click the Send File button.
  • You will not be able to view the files that have been uploaded as they only show to the authorized users who can download them.
  • sUBs will be able to collect the file(s) from there and examine them.
  • Let me know when you have done this.
Thanks
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:36 AM

Posted 20 August 2013 - 02:54 PM

sUBs would like for you to zip and send him the ComboFix log. It can be found at C:\Combofix.txt
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 Geek Boy

Geek Boy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 28 August 2013 - 12:26 PM

ooh sorry i will do it



#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:36 AM

Posted 28 August 2013 - 12:33 PM

Thank you.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 Geek Boy

Geek Boy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 28 August 2013 - 12:34 PM

I just recently added file about Combofix log and other 2 programs.



#7 Geek Boy

Geek Boy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 28 August 2013 - 02:01 PM

Mod Edit by quietman7: CF log removed; they are not permitted in this forum.

#8 Geek Boy

Geek Boy
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:01:36 AM

Posted 28 August 2013 - 02:03 PM

why AM-install.exe deleted it's Ad Muncher programs that blocking ads so im sure it is false positive too.



#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:36 AM

Posted 28 August 2013 - 02:54 PM

sUBs would like for you to zip and send him the ComboFix log. It can be found at C:\Combofix.txt

You posted the full log in this thread which I had to remove....they are not permitted in this forum.

Please follow the instructions I provided in Post #2 for zipping and sending a file to him.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:36 AM

Posted 30 August 2013 - 08:05 PM

sUBs told me he received some files but they were incomplete...there was only one CF log showing the removal of C:\program files (x86)\Feed Notifier\notifier.exe

He said to advise you that ComboFix finds the file suspicious & that you should refer this to the developer of FeedNotifier. If possible, the developer should digitally sign his file & ComboFix will not touch it then.

For ExpandDrive, sUBs needs the CF log (submit it same as the other one) or provide me the full path to where it's located on your computer like the one shown above for notifier.exe.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users