Oi4
join:2008-08-09
1 edit | Combofix
Hello there,
I was reading some threads about malware problems and some people advised others to not use Combofix without supervision from someone who has been properly trained because if they do so, it may lead to problems with the normal functionality of the computer.
But what exactly can happen? I mean, as far as I know the 'someone who has been properly trained' just asks you to run combofix and post its log. Then any other necessary removing process is instructed. So what's the problem of just executing the application and letting it try to remove the infections?
Thanks in advance. |
|
MarkAW
Barry White or lil bratt
Premium
join:2001-08-27
Canada
 ·Bell Sympatico
 ·Cogeco Cable
| By just going ahead and doing it yourself without help from someone who knows what they are doing you may remove something that is legitimate and mess your system up.
Here is some lite reading for you on how to use and not to use Combofix »www.bleepingcomputer.com/combofi···combofix
»www.tech-faq.com/combofix.shtml
--
Advertising is legalized lying. - H.G. Wells
Pleasure in the job puts perfection in the work. - Aristotle |
|
redwolfe_98
join:2001-06-11
·RoadRunner Cable
| reply to Oi4
i don't see a problem with running combofix.. i would think that the only thing that it would remove would be bad stuff..
i have run it before, on my computer, to see what it was like.. as i remember it, it changed some settings that i had, but they were easily restored.. |
|
bcastner
Premium,VIP,MVM
join:2002-09-25
Chevy Chase, MD
clubs: 
·Verizon Online DSL
| reply to Oi4
Combofix by sUBs was never intended to be used in the way that that software such as SuperAntispyware or Malwarebytes Antimalware is done. There are several excellent reasons for this Disclaimer shown when you start the program:
Some that I have observed:
• About 1 in 100 times the computer will not longer be able to boot after running Combofix. This requires experienced hands to restore the system to bootability.
• There are several malware infections that "target" Combofix. Experienced Helpers are aware of these infections, and take steps to remove them prior to the use of Combofix. If you do not, various things can happen depending on the infection -- from Combofix being unable to run, to the deletion of the folder C:\Windows\System32, requiring a clean install to repair.
• Combofix makes some rather significant changes to the internals of XP and Vista in order to work. It has to be removed with special instructions to fully and safely revert these changes. Experienced Helpers are aware of how to accomplish the uninstallation of Combofix.
• The real power of Combofix comes not as a general purposed malware remover. It is rather modest in that capacity. Combofix is powerful because it provides to the experienced Helper a convenient and powerful front-end to Scripts. It is because of its scripting strengths, and its unique reporting capabilities, that you see Combofix often recommended. But not because of its abilities as a general malware scanner.
• Many malware removal experts will not respond to a request for help if they see that Combofix was run by the end-user without supervision. You might find after running Combofix that your system problems are worse, and nobody is willing to help you.
There are several general purpose anti-malware utilities where the Author(s) intended the application for general use by end-users without Supervision. Combofix is not one of them, and you would be advised to honor that position taken by its Author.
Best regards,
Bill Castner
--
============
MS-MVP 2004 - -2008, ASAP Member
Users Helping Users
|
|
Oi4
join:2008-08-09
1 edit | Thanks for the information.
So I guess Combofix actions depend on what kind of infection the computer has and what kind of steps need to be taken in order to fix the problem.
BTW, is there any guide or tutorial on how to use this tool? I mean, something on how to completely understand the logs and be able to use scripts and take steps to remove infections? |
|
bcastner
Premium,VIP,MVM
join:2002-09-25
Chevy Chase, MD
clubs:
·Verizon Online DSL
1 edit | There are no guides that I know of, other than in the private sections of malware removal sites that include a training program.
This is at the explicit desire of sUBs. If a site hosts any guide to Combofix, you will be assured of hearing from him about the matter. Even the sites that host guides to Combofix, usually restrict access to graduates of their malware training programs. "Undergraduates" are usually not permitted access. |
|
