ComboFix - anyone find it useful?
by Willy - 5/1/08 11:19 AM
Tried it to see it work and possibilitgy add it to my tools. kinda primitive but seems effective, it does give a show.
What are your results? -----Willy
by: Willy May 1, 2008 11:19 AM PDT
0 people like this thread
Total posts: 15 (Showing page 1 of 1)
this is NOT a tool for the "average Joe\Jane" as it states:
Due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer. Instead you should use this guide to download and run ComboFix and then post the resulting log in a forum that contains helpers who understand how to diagnose them. These helpers will then help you clean your computer of infections so that it is running properly again.
Well, the test bed did OK. Being happy I tried it on the problem system. It got hosed big time. Yeah, I'm no average Joe, but it happened w/o a clue as to why. BUT, the problem, I tried to correct is so embedded that something drastic had to be done. I always can reformat. In fact this system is so infected, it tops my own list. Its beyond how it got that way, but it is and repeated attempts only keep it in check but not removed. I really tried and so help me Gawd, it was a PITA. So, awaiting all the full restore CDs the owner said they had, will I proceed again. I can recover, but did from day 1, mentioned a reformat is a time saver and necessary cost of recovery. Plus, have a big talk with the kids. -----Willy
Sorry to hear about your misfortune. It is an excellent tool, and is far from "primitive".
Too bad you ignored the warning in ComboFix's disclaimer at the start of the program.
As a tool it became more destructive that the problem, IMHO. I took precautions, but found it rather unstable as the system can't be booted. Thus, i don't see what or where is crapped out under a normal recovery. I did see it work and then not. So, I took it as yet something else to resolve a problem. Thems the breaks, but I won't use but as a last resort, now.
The main precaution that you neglected was working with a security analyst who has access to information about the tool, and who has some idea of what is on the system to begin with. ComboFix is not a general scanner. It targets certain things and can break certain things. When you use it "as a last resort" working closely with someone who has been trained in its use is a must.
every time i try to download combo fix it says, cannot change name and shows combo fix i did not try to change name.
before saving to your computer instead of after saving.
Rename it to Combo-fix before allowing the download.
If you have to use Combofix, follow the guide in http://www.bleepingcomputer.com/combofix/how-to-use-combofix
The trained helper who advised you to run ComboFix will know exactly what that error means and will be able to handle the situation easily. Please report it to that person. If you were not working with someone, there is a list of malware removal forums at the ComboFix Instructions link that Donna posted.
went back and found i had made a mistake. downloaded combo fix and ran it, it was very easy and i do not believe a helper is not needed if you follow the instructions. it went and did its thing. did not find any spy waer but did find a lot of junk which i deleted. Computer is just getting to old so will have to buy a new one. it only has 256mg of ram with xp running it uses all my ram, it use to be a very fine running computer and had no prob running photo shop until i put XP on it and that was the beginning of hell.
As long as you follow an updated guide which is BleepingComputer.com often does, you should not have problem using Combofix.
Maybe an upgrade of RAM is only needed. XP is still supported until 2014.
"i do not believe a helper is not needed if you follow the instructions."
That is correct. A helper is needed for interpreting the output logs, for writing the script to accompany the tool, and for what to do about the malware that ComboFix does not fix or that which is a false positive. Nor are daily changes in the tool (that may cause conflicts /issues) included in Bleeping Computer's instructions. ComboFix was recently pulled from the download sites for a few days because it was turning computers into doorstops. People who had downloaded those copies and were running it off the record had no way of knowing this until it was too late, and had no helper available who could report the issue to the developer.
As long as you are happy with the results that's great. However, I would advise others to read the disclaimer and not to use ComboFix unless they are working with someone who has been trained in its use, and knows what to do when things go wrong.
One od the best functions of ComboFix ...
and one that does not require any "expertise" is its ability to install the Windows Recovery Console as a boot option for those many people with pre-installed systems who lack the Installation CD and thus often have no means to boot to the Recovery Console.
Worked great for...
browser redirect virus. From the research I did, almost no anti spyware program will pick up the dreaded redirect virus. I got something a few days ago that included the redirect virus. SuperAntiSpyware got rid of everything else but the redirect. It's so frustrating that my next step would have been to rebuild my laptop from scratch - format c:. Luckily Combofix automatically removes the redirect virus. No need for a helper if all you do is let combofix run. If anyone wants, I can post the log results.
Indeed, it is useful tool
However, this topic is very old and we rather see discussion on the said topic instead of who can and cannot use. The author of Combofix continues to provide updates on the program and fixes, if needed. A guide to use is also available in many trusted sources.
This old topic is now locked.
Please start a new topic if you need to discuss or ask question again regarding the same subject.
Thank you for your kind cooperation on this moderation note.
Total posts: 15 (Showing page 1 of 1)