Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

JRT, ComboFix, rkill - reporting-only mode possible?


  • Please log in to reply
8 replies to this topic

#1 RolandJS

RolandJS

  • Members
  • 4,517 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:01:20 AM

Posted 10 February 2015 - 10:44 AM

JRT/Junkware Removal Tool - 'cause of excellent advice here, I downloaded and have JRT on-demand ready.

My question: can JRT/Junkware Removal Tool be set and/or run in reporting only mode?

 

I have the same question regarding ComboFix and rkill.

Let me add TDSSRootkitKiller, especially when such flags any Windows OS files.

 

[I'm not home, so my reading time is hitNmiss this morning.]


Edited by RolandJS, 10 February 2015 - 10:45 AM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:20 AM

Posted 10 February 2015 - 10:55 AM

Hello there,

Let me add TDSSRootkitKiller, especially when such flags any Windows OS files.

As far as I know TDSSKiller does have a scan only option (no removal) by choosing Skip for all detected objects.

As for JRT, Rkill and ComboFix, I am not aware that they have any scan only mode - all three will automatically remove anything they perceived as whatever they are designed to remove.

Regards,
Alex

Edited by Alexstrasza, 10 February 2015 - 10:57 AM.


#3 RolandJS

RolandJS
  • Topic Starter

  • Members
  • 4,517 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:01:20 AM

Posted 10 February 2015 - 11:02 AM

Alexstrasza, thanks for your reply; I will place thosethree  into my LastResorts folder.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:20 AM

Posted 10 February 2015 - 11:19 AM

Also on a side note: You should not run ComboFix WITHOUT the guidance of a trained expert.

And I do not recommend keeping copies of those tools, as they are updated very frequently. (unless you have some sort of script that auto-updates them when they are used)

Regards,
Alex

#5 RolandJS

RolandJS
  • Topic Starter

  • Members
  • 4,517 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:01:20 AM

Posted 10 February 2015 - 11:23 AM

Absolutely will update periodically!  I have 'em at arm's length, in "lockup," on the harddrive in case the 'net is down [on my end] when such are needed.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,609 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:20 AM

Posted 10 February 2015 - 11:44 AM

Well, JRT checks for a new version automatically when you open it, and if a new one is found, it's automatically downloaded and executed so for this one, you'll be good. But it's still better to download it when you need to use it and not leave it on your system.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:20 AM

Posted 10 February 2015 - 01:51 PM

ComboFix is frequently updated and no one should ever attempt to use an older version. You should only download CF when it is needed.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 RolandJS

RolandJS
  • Topic Starter

  • Members
  • 4,517 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:01:20 AM

Posted 10 February 2015 - 02:35 PM

Thanks all for your gracious advice!  Because, once my ethernet was software-out-cold, I'll weekly update the Last Resorts, and keep 'em "locked up."  I have no plans to use such utilities unless forced to.  I would much rather use them like your other customers do here -- with guidance.


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:20 AM

Posted 10 February 2015 - 02:37 PM

Individual assistance and guidance we are always willing to provide.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users