TheTerrorist_75 Posted February 15, 2007 Report Share Posted February 15, 2007 From TeMerc.http://www.windowsbbs.com/showthread.php?t=62293There appears to be a new rootkit which is targeting ComboFix, created by sUBs, an anti-spyware developer.From a post of his:I have just encountered a rootkit that will cause CF to recursively delete all files from SystemDrive.Pulling the tool till further notice.Please inform your users not to use CF. Who knows if that rootkit is in there.Please spread the word. Also have users delete their copies of CF Please do not use ComboFix until this issue is resolved. Quote Link to post Share on other sites
flashh4 Posted February 15, 2007 Report Share Posted February 15, 2007 Just to add to Whiskeyman report:As most of you all ready know that combofix has a rootkit infection, thanks to Whiskeyman for informing me. I checked around and at MRW they are recommending using this tool insted of Combofix !! Deckard ComboScan toolMore info here!http://forum.malwareremoval.com/viewtopic.php?p=154716#154716 ://http://forum.malwareremoval.com/vie...=154716#154716 ://http://forum.malwareremoval.com/vie...=154716#154716 Quote Link to post Share on other sites
Matt Posted February 15, 2007 Report Share Posted February 15, 2007 Yes, if you have Combofix on your computer, you should remove it. Experts in the HJT areas will not be using it until the issue is resolved. Apparently, the rootkit will cause ComboFix to delete legit files on your system. Quote Link to post Share on other sites
Matt Posted March 7, 2007 Report Share Posted March 7, 2007 ComboFix has been re released. However, do not run the tool randomly. If you need help with a malware situation, post in the Malware Forum Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.