I not want to speak with the author or disasseble the program (that i still consider really useful), but i want only to speak with someone that maybe have the same problem, and try to slove it.
Seem that the incompatibility is with Symantec Endpoint Protection (ALSO DISABLED), as on machines without it installed the ComboFix has run very well removing all the bad things without do a manual search of the rootkits/virus on the system, but on machines with it installed (AND NOT ACTIVE) it has screwed something. I not want to say that someone has broken some pc, i want only to find how to slove the problem.- only that!!!
Sorry, who is as an expert? Only the coder of the program?
You are not supposed to run combofix without supervision of an expert.
I consider myself at least a little bit expert, i know how to remove rootkits also by hand or sort all things of troubles on windows systems. I work it the computer world by about 15 years (personally i've started with win95), and i do it with passion.
I like combofix as it removes all the bad things with only few clicks, it save me time a lot of time.
For know what combofix has done on my system i can do a regmon and filemon while it run, but i will get a lot of data to analyze, and i not like too see what the coder has done. So i've searched ONLY a little bit of help.
ComboFix is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.
I've read the disclaimer, i'm trying to search only a bit of help, nothing more!
What you mean by trained? There are no public info about the program, so what training is necessary?
Unfortunately the author of the tool does not want information on how Combofix works on public forums.
The only public information that is available can be found at this guide:
How to use ComboFix
The title "Combofix has broken my dos shell..." maybe was a little bit aggressive, but i'm italian, and i not write english that well (as probbaly you have seen), so i'm sorry for that, but if possible, i want to share with someone this problem, and MAYBE found a way to slove it.
The original thread was:
This is my first post, so... Hi everybody
I'm a pc technician, programmer, know a bit of networking and much other things...
One of this things is remove virus in client's pc's...
On some of this infected pc's i've run combofix, that on most of the pc's has done it's job without problems, but on some machines when has finisched it has left the wrong date time settings and has broken the dos sessions...
The wrong datetime settings was easily sorted, but i not find a way to fix the dos shell...
It set a wrong keycode, that i sort using the kb16 command on the autoexec.nt (but it seem that affect only the command.com, not the cmd.exe) and also every time that i execute an external dos command for the first time on the dos shell, it beep an error with casual characters, ended by a - 1252, the are the only readable chars...
What can i do to fix this problem?
So, now you can close also this thread, and probably also banning me from the forum, but will be more nice if we can speak freely and try to sort what has gone worng.
As said, seem that symantec endpoint is the problem (also disabled). Seem an user setting broken, as entering with the admin user there is no problem...
Really thanks for your attention (if you have read all without banning me )...