VOGONS


First post, by liqmat

User metadata
Rank l33t
Rank
l33t

Had to run Combofix recently for another sticky rootkit issue and noticed Combofix deletes the dgVoodoo roaming profile folder and files. Any reason for this or any ideas why Combofix sees this as a threat? Probably a false positive, but none of my other scanning software has issue with it. Thanks.

Reply 1 of 1, by Dege

User metadata
Rank l33t
Rank
l33t
liqmat wrote:

Combofix deletes the dgVoodoo roaming profile folder

I don't have any idea why it does that.

However as for the dgVoodoo files, some AV's detect them as a threat. Recently I experimented with them on Virustotal.com and 2-3 of the AV's detect the CPL app as a threat even when it's not compressed. 😵