
training to use Combofix?


  • This topic is locked
19 replies to this topic

#1 saint satin stain

  • Members
  • 150 posts
  • Gender: Male
  • Location: Huntsville, AL and Greenwich Village

Posted 19 April 2010 - 06:58 PM

How do I get the training to use Combofix? I have an old test computer that I can infect, and spare 98SE, XP, Me, and Win 2000.

saint satin stain
Responsible for what I say,
not for what you understand.
www.leftinalabama.com




#2 quietman7

    Bleepin' Janitor

  • Global Moderator
  • 51,604 posts
  • Gender: Male
  • Location: Virginia, USA

Posted 20 April 2010 - 07:40 AM

Please note the message text in blue at the top of the Am I infected? What do I do? forum.

No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert." Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read the pinned topic ComboFix usage, Questions, Help? - Look here.

Training in malware removal and learning how to use DDS, RSIT, HijackThis, or advanced tools like ComboFix, GMER and other anti-rootkit tools is conducted at various online Unite Schools.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#3 saint satin stain


Posted 13 July 2010 - 08:26 PM

Thank you for the info. But I met a guy who works for Microsoft and is instructing me in its use, creation of boot disks, and other emergency procedures.

None of my computers are infected. I do have two test computers that I, with guidance, infected and used Combofix, a Bitdefender boot disk, and other procedures to fix. I know now the reason to keep old computer hardware.

Edited by saint satin stain, 13 July 2010 - 08:30 PM.



#4 quietman7


Posted 13 July 2010 - 08:36 PM

Unless he trained at a UNITE school I am skeptical as to how much he could actually teach you about CF as that information is restricted and only available in private forums.

#5 saint satin stain


Posted 15 July 2010 - 12:47 PM

> Unless he trained at a UNITE school I am skeptical as to how much he could actually teach you about CF as that information is restricted and only available in private forums.


How can you have an hypothesis since I didn't say whether he had or anything about his training? I do have fact to be skeptical about your unwarranted assumption.

I have now used Combofix on one of my test computers and no ill aftereffects so far. I prefer the scientific procedures, not a throwaway skepticism. May I have a properly limited amen from someone who doesn't jump to skepticism without enough facts?



#6 quietman7


Posted 15 July 2010 - 01:29 PM

I merely stated, I was skeptical as to what he could be teaching unless he was trained in the use of CF...that is not a conclusion or hypothesis which is a proposed explanation or tentative statement for an observable phenomenon (i.e. theory). Saying that I was skeptical was not intended to stir a debate but merely to provide an opinion based on my knowledge and training of how to use CF since you expressed a desire to be trained about the tool and that training is deliberately limited.

There is much more that CF can do under the direction of someone fully trained in using ALL its capabilities other than clicking on it and allowing a scan to be done. In order to take advantage of CF's more powerful features, one needs to know and understand all the information provided by the developer which is restricted to the public in order to protect the integrity of the tool from malware writers. Further, if something should go wrong while using CF, a trained helper would know what to do versus someone without that knowledge.

#7 Guest_RadioNorthsea_*

  • Guests

Posted 17 July 2010 - 02:22 PM

Quietman7 wrote the following:

> No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert."


Quietman7, I was reading that piece of text and I can tell you that I do not agree with you 100%.
You and the HijackThis experts/helpers want to make us believe that you, and whoever else has trained in HijackThis, are wonderful with this, but I can tell you again that this is not true.
First, before I go further with my message, I must say the following: people who have not used those tools had better not use them, because they don't know what the tools do.
People who have used the HJT tools many times have experience with the tools, just like the HijackThis experts and helpers.
With your answer, you are saying that you, or you and your colleagues, are perfect.
But that is not true.
I will tell you something without names: 2 years ago I had a Trojan; an iPod file was infected with a Trojan. Under the guidance of a HijackThis expert on forum X, I had to run Combofix. I did everything the HijackThis expert told me; after the run, the Trojan was gone, but my system was immediately unstable.
I made no mention of this, because I believed that if I mentioned it, they might not believe me, but my system was unstable.
Now you can tell beautiful stories about how only HijackThis experts and helpers can work with these tools, maybe? But it is exactly as I said: I do not agree; people who use these tools many times, just like the HJT experts or helpers, have the same experience as the experts and helpers.

#8 quietman7


Posted 17 July 2010 - 05:09 PM

HijackThis has been around for years and there are many tutorials where folks can learn about how the tool works. Still, we do not recommend folks use it on their own. Why? HijackThis requires advanced knowledge about the Windows Operating System and relies on trained experts to interpret the log entries and investigate them in order to determine what needs to be fixed. Most of the log entries are required to run a computer and removing essential ones can potentially cause serious damage such as loss of Internet connectivity or problems with your operating system which could prevent it from starting. As such, various Unite Schools were formed to train Helpers in its use (as well as other advanced tools like Combofix) so they could assist others with malware disinfection. This training takes dedication and commitment as it can take many months to complete.

Combofix is far more powerful than HijackThis and has advanced capabilities which require specific training not available to the general public or found in the authorized tutorial provided here at BC. All one needs to do is read the numerous requests for help in this forum by those who used Combofix while unsupervised and their machines were rendered unusable afterwards. Again, please read Combofix's Disclaimer in regards to not using it in an unsupervised environment.

Posted Image

That's the decision by the creator and we will abide by that decision. Those that do not heed that warning, do so at their own risk!!

#9 Guest_RadioNorthsea_*


Posted 17 July 2010 - 05:50 PM

Thank you Quietman7 for this very clear explanation.
I agree with what you and the creator of that program said.
But I have a question: when a member who hasn't learned to work with Combofix gets help from a HijackThis expert and must run Combofix because he has a Trojan, and after running Combofix he sees that his system has become unstable because of Combofix, what must he do then?
Is the HijackThis expert then able to solve that problem?
I also have a theory about computers that you buy in shops, which in most cases have a pre-installed OS and software.
My theory is as follows: some factories can build the OS and software in a bundle on the drive; by bundle I mean the software is nestled in the OS. When you change or delete a file in that structure, you get problems with the OS, such as the system being unstable or getting stuck, etc.
But when you buy a computer with a blank hard disk, you must install the OS and software yourself.
With the OS and software that you installed on the blank hard disk of the self-built computer, or of a shop computer with a blank HD, you do not get those problems when you run Combofix.
What I have told is a theory; still, I think there is a point of truth in what I said.
I am not saying that if my theory is right everyone must use the tool, no; I ask this and tell my theory because I have an HP computer and the factory has bundled the OS and software.
I had that problem 2 years ago, after help from a HijackThis expert.

#10 quietman7


Posted 17 July 2010 - 10:06 PM

No single product is 100% foolproof and can prevent, detect and remove all threats at any given time. That includes specialized tools like Combofix. If a Helper does not see any more evidence of malware and the person he is assisting does not advise he is still having symptoms of infection, that Helper will not be aware. If you are following instructions from an expert Helper and issues with malware persist, then you need to advise your Helper so they can investigate further with other available tools.

For example, HijackThis only scans certain areas of a computer's system/registry to help diagnose the presence of undetected malware in known hiding places. Therefore, it is limited in its ability to detect infection and generate a report outside these known hiding places and its log may not always reveal all the malware on a computer. As such, HijackThis has been replaced by other preferred tools like DDS, OTL and RSIT which provide comprehensive logs with specific details about more areas of a computer's system and registry keys.

#11 Guest_RadioNorthsea_*


Posted 18 July 2010 - 04:59 AM

Agreed, Quietman7.
If that situation arises, which I hope it does not, I shall inform the HijackThis expert of the incident after the help.
Thank you for your information.

#12 quietman7


Posted 18 July 2010 - 07:31 AM

You're welcome.

#13 chromebuster

  • Members
  • 899 posts
  • Gender: Female
  • Location: the crazy city of Boston, In the North East reaches of New England

Posted 18 July 2010 - 04:25 PM

But is it bad to not be certified but still manage to gain lots of knowledge about the Windows OS? For instance, in a previous post, I was a bit insulted when someone told me that the link he put out may be too technical. That just dang bothers me. It is the new age, and it's time for folks to not be afraid of computers but for them to learn about what's going on in the world with them. Yeah maybe I'm obsessed, okay, ... there, ... I've admitted it! But I really don't think that matters. As long as the new age is here, computers will be the lives of every one of us. And that's why I question my wanting to be an IT person. Will it hurt me, make me worse than I already am? And not to throw people off, but Quietman7, you probably remember my near encounter with a trojan, don't you? A few months ago? Well, my questions are as follows. Was it bad that I took care of it myself and followed the logs of my security programs in order to find the bad files and delete them? Was it wrong for me to go with it and not ask for help except for a check here on this board? And the other thing. When signing up for training, if I ever get in, which it is my dream to do so, what is the best time for me to sign up so that I can concentrate on training, but also be able to do things with my family and my non-technical life? Is it possible to also have a life, a job, friends while in training? Any input on this would be wonderful, and I do apologize for the rant there at the beginning.

Regards,
Chromebuster

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#14 saint satin stain


Posted 19 July 2010 - 05:56 PM

> Please note the message text in blue at the top of the Am I infected? What do I do? forum.
>
> No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert." Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read the pinned topic ComboFix usage, Questions, Help? - Look here.
>
> Training in malware removal and learning how to use DDS, RSIT, HijackThis, or advanced tools like ComboFix, GMER and other anti-rootkit tools is conducted at various online Unite Schools.


I have advanced knowledge of Apple OS, 1400cs through OS X, several Linux flavors, and from Windows 3.1 to 7.

I didn't need the freaking condescension.

You could have simply told me where to go to find lessons. That's all I wanted to know. Can't you simply answer a question without assuming the questioner is an idiot?

You may tell me where to go after this.

I have Vista, I don't like, 7, I do like, and XP Pro, my daily use machine which is protected by my brain, Prevx, Online Armor Premium, Sandboxie, SpywareBlaster (with autoupdate), Trojan Remover, SUPERAntiSpyware, Gmer, IceSword, and Rootkit Unhooker, and HouseCall, as second opinion. I am in NYC servicing my clients now.

I wanted to add Combofix to my arsenal. Please, when I ask a question, just give a straightforward informative, without the newbie admonitions, answer. I have the admonitions internalized already.

Edited by saint satin stain, 19 July 2010 - 06:08 PM.



#15 chromebuster


Posted 19 July 2010 - 06:38 PM

Relax! This place is supposed to be a friendly community, not a war zone. He's right. Just because you have knowledge doesn't mean that you know everything. I know that I have lots of knowledge, but I don't have the answers to all questions, and even me, there's some software I won't touch without guidance. And no one assumes that any question on this board is asked by an idiot. We are all smart in our own right, and we know what we want to know. Not everyone is as advanced in computers on an equal scale. Even I know that. So, have a good time here, and as I say, stay true, stay trusting!

Regards,
Your faithful board member,
Chromebuster





