dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
4
share rss forum feed

Jrb2
Premium
join:2001-08-31
kudos:3

2 recommendations

reply to Jrb2

Re: Beware of Combofix - contains infected file

Two posts at BleepingComputer:

1.
»www.bleepingcomputer.com/forums/···407.html

By Grinler:

quote:
The download has been pulled since earlier this morning as sUBs investigates the reports. At this time, I unfortunately do not have any other information for anyone.

Stay tuned.

2.
»www.bleepingcomputer.com/forums/···431.html

By Grinler
Information about ComboFix being infected and what you should do

quote:
Unfortunately it has come to light that the program ComboFix had a file in it that is infected with the Sality virus. The minute we heard about this, we pulled the executable so that it is no longer available from BleepingComputer.com. Unfortunately we have no control over other sites that may have mirrored ComboFix without permission, so please do not attempt to download it elsewhere.

The developer, sUBs, is currently looking into what happened and when I have a full update, I will be sure to let you know. From the limited information that I have, it appears that the affected version has been available since approximately 2am EST on January 29th. If this timeframe changes, I will update this topic to let you know. If you have used a new copy of ComboFix downloaded after 2am EST, then you should examine your system for possible infection. If you have used a copy of ComboFix prior to this version, then you should be ok.

In the meantime, it is important for those who may have used ComboFix recently and are concerned they are infected to get the help they need. As the Sality infection has been around for a while, almost all antivirus vendors will have detected it and blocked it when you ran ComboFix. Unfortunately, not everyone has up-to-date virus definitions or uses an AV program, so it is important to examine your system if you have downloaded a new copy and used it since 2am EST.

Read more at that second link!