Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Combofix leaving a "boot" folder on the root????


  • This topic is locked This topic is locked
5 replies to this topic

#1 ZiggyStardust32

ZiggyStardust32

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:30 PM

Posted 16 August 2012 - 03:01 PM

I have noticed several times after running combofix it leave a "boot" folder on the root of the boot drive. I can't find out much about it other then maybe it being there as a result of combofix cleaning a boot sector virus. I know you can't remove it or the computer won't boot :)

The "Boot" folder is not a standard XP folder. It is sitting on the root not hidden. My fear is someone is going to delete it and all hell will break lose. Did Combofix put that folder there? Why? How can you safely remove it?

Edit: Moved topic from to the more appropriate forum
Roger

Edited by rotor123, 16 August 2012 - 03:05 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,111 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:30 PM

Posted 16 August 2012 - 05:02 PM

sUBs, the developer of ComboFix, has asked that the inner workings of the tool not be discussed in public in order to safeguard and protect the integrity of the tool from malware writers.

:step1: Questions about ComboFix and how it works:

ComboFix usage, Questions, Help? - Look here

Safeguarding ComboFix from malware writers is necessary and important so that we can continue to use it without attackers having knowledge how to defeat it. Everything we discuss can be read by the bad guys. Yes, they read forum topics looking for clues on how to circumvent our tools. We don't want to provide any information they can use against us so we deliberately limit discussion in public areas which sometimes may appear vague or not fully address a specific question. That's the decision by the creator of ComboFix so we hope you understand and it should not be taken personal.

Without going into specifics, I can tell you ComboFix creates it logs/folders at the root of systemdrive by design.

The proper removal of its folders, files and logs is to uninstall ComboFix following these instructions.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 sabaithaime

sabaithaime

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 31 May 2015 - 03:29 AM

Hi quietman7

 

I followed the above instructions, combofix appeared to uninstall properly (uninstall asked me to suspend Kasperky shields which I did) howevever I still have combofix folder in my windows explorer.


Edited by sabaithaime, 31 May 2015 - 03:41 AM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,111 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:30 PM

Posted 31 May 2015 - 07:46 AM


Download DelFix by Xplode and save to your Desktop.
  • Double-click on delfix.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Put a check mark next to these items:
    - Remove disinfection tools
    - Create registry backup
    delfix.jpg
    .
  • Click the "Run" button.
  • When the tool has finished, it will create and open a log report (DelFix.txt)
  • A copy of that report will be saved to the following location C:\DelFix.txt.
-- Doing this will remove many specialized tools downloaded and used for malware removal. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click on it and choose delete).
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 sabaithaime

sabaithaime

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 31 May 2015 - 03:43 PM

Thank you very much quietman7 . I appreciate your support and apologise for the duplicate postings. Im just finding my way around the forum.



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,111 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:30 PM

Posted 31 May 2015 - 04:16 PM

You're welcome. :thumbup2:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users