Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ComboFix on USB drive


  • Please log in to reply
7 replies to this topic

#1 Phuztone

Phuztone

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:03 AM

Posted 04 January 2012 - 01:54 PM

Is it possible to run CF from a USB drive? Do you need to use a bootable USB drive?

I have come across a virus that disables application files (.exe files)

Thanks!!

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:03 AM

Posted 04 January 2012 - 02:33 PM

No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. When issues arise with new malware infections or other security tools conflicting with ComboFix, experts are aware of them and can advise users what should or should not be done while providing assistance. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment. Please read the pinned topic ComboFix usage, Questions, Help? - Look here.

What specific issues are you having that requires using ComboFix?

Compliments of QuietMan7

Also what makes you think it was a virus?

Many registry cleaners if ran can break various aspects of a computer, so did you run any registry cleaners?

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 34,014 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:03 PM

Posted 04 January 2012 - 03:10 PM

ComboFix will run from a flash drive or CD but you should read the link provided by cryptodan as to why you should not run the tool on your own.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#4 Phuztone

Phuztone
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:03 AM

Posted 04 January 2012 - 06:57 PM

First off, I have been working on computers since MSDOS 3 days. I started out on a Sinclair kit & moved on to TRS-80's. I have studied Basic on a TRS-80 Model 3 & 4, done programming in dBase 3 & Access. I have built all of my computers, except laptops, since the 80286 days & dabbled on some Apples.

I'm not bragging (since I don't really have any reason to), but I'm not a new user or newbie to AV. I'm 60 yrs. young & have been thru most of the AV & spyware tools for years. I have made many efforts to learn about virus' & spyware, which included reading much information on the BC site & others.

I have used ComboFix many times with great success & have saved the logs to try to make a collection to learn from. I'm not very active on many lists that I have been a member of since I don't consider myself a guru or super geek, but I try to keep up with very knowledgeable people on several lists such as EE, & others.

I have read the warnings about ComboFix so many times that I almost think I can recite them, if I was a little younger.

All that being said, I think I can handle CF in most cases, even though I'm definitely not an expert on it.

I asked this question about running CF on a CD because it will not run on this Windows laptop. Other than booting up to the desktop, it will NOT run any applications or executable files, so I can not get any AV, AS, utilities to run (not even in safe mode or safe mode command prompt. As a matter of fact Windows will not run Regedit, command.exe, msconfig, etc. But I have been able to run a couple of AV apps from their bootable CD's. I think most likely I could run UBCD4Win, Barts PE, or some of these if I have to & could probably just run CF after booting from one of these. But I was wondering if there was some sort of bootable CF that I do instead of having to go thru all of those other environments.

Anyway if no one wants to respond to my request, I can easily understand that this forum is very concerned that someone will use CF, screw their system up, & sue the creator or BC for their own stupidity. Anyone & everyone need to know that most all of these utilities are a "use at your own risk if don't know what you are doing" & don't be blaming those very smart people that create these great apps to help us deal with trash out there that is creating these virus' & spyware. So thanks anyway for taking the time to let me know that I don't know what I'm doing & shouldn't be using CF anyway.

#5 jburd1800

jburd1800

  • Members
  • 426 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 04 January 2012 - 07:01 PM

You were answered in post # 3...take a DEEP breath.

“May the sun bring you new energy by day, may the moon softly restore you by night, may the rain wash away your worries, may the breeze blow new strength into your being, may you walk gently thorugh the world and know it's beauty all the days of your life.”


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 34,014 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:03 PM

Posted 04 January 2012 - 09:04 PM

Phuztone, the Bleeping Computer forums are geared toward novice users...most of our members lack the knowledge and experience you have. As such, we are very careful in our replies to ensure they do not use tools or follow instructions without proper guidance resulting in damaging their computers. This applies to many advanced tools and fixes, not just ComboFix. From time to time, we do get new members with more experience but we have no way of knowing that until we get to know more about them.

sUBs, the developer of ComboFix clearly states in his disclaimer that his tool should not be used in an unsupervised environment. This is not without good reason due to the powerful capabilities of his tool and the damage that can result if used improperly. Thus, we provide appropriate warnings to ensure all are aware before using ComboFix.

I hope you understand and can appreciate our efforts to look out for all our member's best interests (including yours).
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#7 Jabooma

Jabooma

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:03 PM

Posted 24 October 2013 - 09:54 AM

i agree with Phuztone in believingthat if its possible to use command line to redirect the scan to a remote registry/drive would be frenominal! i have the ability to fix anything that gets hosed. hell if im that worried i clone the drive before i start. there are many new infections that now keep you from starting CF even in safemode or SM w/command prompt. this would make life much easier for non novices. just put the same disclamers on the new info.



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 34,014 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:03 PM

Posted 24 October 2013 - 10:19 AM

That would be up to sUBs who is the developer of ComboFix.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users