Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Combofix What Does It Do And When Is It Used


  • This topic is locked This topic is locked
12 replies to this topic

#1 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:11:00 PM

Posted 11 December 2006 - 03:25 AM

Can somebody explain why in some instances combofix is used?
Is it for a specific treatment?

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 33,393 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:00 PM

Posted 11 December 2006 - 12:50 PM

Combofix is a specialized cleaning tool. I'm not sure what infection it is designed for.

Orange Blossom :thumbsup:

Edited by Orange Blossom, 11 December 2006 - 02:27 PM.

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SuperAntiSpyware, SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript


#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 33,393 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:00 PM

Posted 11 December 2006 - 03:00 PM

Here's just a tad more information: a combofix log will show a bunch of registry entries in different categories including what was installed in the recent past - I think 30 days.

Once again, I don't know specifically what it is designed for. Our malware experts can give you much more information on that.

Orange Blossom :thumbsup:

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SuperAntiSpyware, SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript


#4 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:11:00 PM

Posted 11 December 2006 - 03:00 PM

Combofix is a general tool that helps the helper cleaning up a Hijackthis log.
It is able to remove some common infections and helps a user detect files that general scanners cannot find.
It also lists registry keys such as the key keys, the desktop keys, and other areas where malware hide.
The tool has some rootkit detectors too, allowing a helper to see if a rootkit is present on the PC.

#5 peteyg67

peteyg67

  • Members
  • 130 posts
  • OFFLINE
  •  
  • Location:Ireland
  • Local time:05:00 PM

Posted 11 December 2006 - 04:13 PM

I used combofix.exe to help get rid of smeitfruad but it wasnt all down to that it was down to the great help on smeitfruad mike
If u detect smeitfruad on your computer through spybot it does not remove it there is certain processes to go through. Mines got to the stage were it denied me access to my internet

Regards
Peter
:thumbsup:

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,404 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:00 PM

Posted 12 December 2006 - 12:24 PM

If u detect smeitfruad on your computer through spybot it does not remove it there is certain processes to go through.

That's why we have the Spyware and Malware Removal Guides and Reading Room with instructions for removing it and other common malware types. Did you see the self-help guide "How to remove the Smitfraud / Generic Zlob"?
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#7 fozzie

fozzie

    aut viam inveniam aut faciam

  • Topic Starter

  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:11:00 PM

Posted 12 December 2006 - 01:08 PM

Combofix is a general tool that helps the helper cleaning up a Hijackthis log.
It is able to remove some common infections and helps a user detect files that general scanners cannot find.
It also lists registry keys such as the key keys, the desktop keys, and other areas where malware hide.
The tool has some rootkit detectors too, allowing a helper to see if a rootkit is present on the PC.

Thanks for the reply. Is there a place where I can get some more detailed info. i am not going to do things on my own, just am interested to see how what and where to read- and use it.

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 32,404 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:00 PM

Posted 12 December 2006 - 02:18 PM

fozzie, there is little information posted for public viewing in regards to this tool and many other specialized fix tools. We don't want the bad guys to see or know how everything we use works. We also don't want folks using some of these tools without the supervison of an expert to guide them along. When you are accepted into a formal training program to learn more about malware removal, there will be ample opportunity for such questions in more detail. Just be patient until then.
Microsoft MVP - Consumer Security 2007-2014 MVP.gif

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#9 fozzie

fozzie

    aut viam inveniam aut faciam

  • Topic Starter

  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:11:00 PM

Posted 12 December 2006 - 03:57 PM

Okido... :thumbsup:

#10 Grinler

Grinler

    Bleep Bleep!


  • Admin
  • 40,163 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:00 PM

Posted 17 January 2008 - 11:23 PM

Just a heads up that there is an official guide for ComboFix here:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix - English Version

http://www.bleepingcomputer.com/combofix/f...iliser-combofix - French Version

ComboFix is not a general purpose cleaning tool and should not be as such. ComboFix should only be used when asked by someone experienced in the use of this tool. Using this tool without supervision can cause problems with your computer.

#11 Ziah

Ziah

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:00 PM

Posted 30 January 2008 - 08:00 PM

fozzie, there is little information posted for public viewing in regards to this tool and many other specialized fix tools. We don't want the bad guys to see or know how everything we use works. We also don't want folks using some of these tools without the supervison of an expert to guide them along. When you are accepted into a formal training program to learn more about malware removal, there will be ample opportunity for such questions in more detail. Just be patient until then.



I second this for sure on keeping it secret....even though I am sure they are working on getting around Combofix now. Hello all, my name is Ziah and I am new here. I have been a tech for about 15 years now. I wanted to sign up to reply to this. I totally agree that we should try to keep our tools away from the bad guys. And yes, Combofix is a tool that should only be used by someone that knows what he/she is doing. Recently we have had to even rename some of the tools we use because some spyware is so good at hiding...it can even detect when a tool is looking for it, therefore disguising itself and remaining hidden. I clean many machines daily......the bad guys...just get "badder" and their spyware gets nastier. A smitfraud variant on a customer machine today completely deleted Combofix right as I ran it. I had to pull my usual tricks to get it to run and was finally able to clean the machine. Anyway, it's good to be here and hopefully I can lend some of my years of knowledge to the forum.

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 61,950 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:00 PM

Posted 30 January 2008 - 10:38 PM

Thanks for the informed response Ziah. I would also like to say welcome to Bleeping Computer.
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#13 Ultraseamus

Ultraseamus

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:00 PM

Posted 03 March 2008 - 04:35 AM

Just wanted to say that I Just used Combofix to remove some nasty spyware, and it worked wonders, could not be happier or more impressed with the results, keep up the good work.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users