Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Combofix.exe


  • This topic is locked This topic is locked
3 replies to this topic

#1 King_Yoshi

King_Yoshi

  • Malware Study Hall Senior
  • 1,392 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 29 March 2009 - 01:28 PM

I have looked around, and keep getting told this when asking questions about combofix:

Combofix is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.


So I would like to know the exact reasoning behind this. (Besides that its to keep the program safe, because I find that complete BS. (If someone REALLY wanted to they would start to reverse engineer it.)

So to get to my point, I have an old computer that I am testing security programs on, so that when I buy my new computer, it has the most up to date, and what I deem the "best" security programs. (I know its impossible to be completely protected, but you can go to certain extremes with security)

I know that currently Combofix seems to be one of the best public programs used for removing trojans, worms, and rootkits. What I do not understand is why people are so anal, to those of us that have a working knowledge of computers, when it comes to reading combofix logs? (Even though most of them are quite self explanatory)

I have realized that part of the problems, and reasons that people in fact get infected by malware, trojans etc., is because of there lack of knowledge in these subjects, and do not understand why those who know this knowledge are so ARROGANT to share it. (If you don't want it known DON'T GO PUBLIC!)

Edited by King_Yoshi, 29 March 2009 - 01:28 PM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,113 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:16 PM

Posted 29 March 2009 - 01:38 PM

Perhaps this can explain some of the reasoning why it is not recommended to run this tool on one's own.

Running ComboFix by yourself is like performing open heart surgery on yourself--the scalpel and other surgical tools that is ComboFix is meant to be wielded by a highly trained surgeon only in emergencies or dire circumstances. When the surgeon is thru s/he leaves the room. So combofix should be removed from a system once it has accomplished its job, unlike an AV that is there to protect you from future infections.

. . . CF does make some alterations to your system if you run it. Even if you had no malware removed and run the uninstall command, some things may be different now on your system. I can tell you that one thing is that all your restore points will be flushed out and a new one created. There is a good reason to do that when you have a severe infection--but if you aren't infected you might need those restore points.

Read and abide by the disclaimer people. It's there for a reason. Stick to running and protecting yourself with a good AV and firewall and an anti-malware scanner or two. If you feel you need a second opinion, try running online scans. If you feel you might need surgery, come here to BC and ask for help--that is what we're here for.


From: http://www.bleepingcomputer.com/forums/ind...t&p=1159014
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


animinionsmalltext.gif

#3 King_Yoshi

King_Yoshi
  • Topic Starter

  • Malware Study Hall Senior
  • 1,392 posts
  • OFFLINE
  •  
  • Local time:06:16 PM

Posted 29 March 2009 - 02:34 PM

Thank you for the link it explains alot. :thumbsup: However I it also states many things I disagree with.

#4 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:07:16 PM

Posted 29 March 2009 - 03:48 PM

The main reason is because the author of Combofix wants it that way. Plain and simple and we honor their request
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users