Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Why do people insist Combofix be used by a 'trained helper'


  • Please log in to reply
15 replies to this topic

#1 Fluttershy

Fluttershy

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:10:37 AM

Posted 10 April 2015 - 05:27 PM

Just seems silly to me. I've used it a lot, it doesn't break your machine... if it did then I don't think people would use it.

Edited by Queen-Evie, 10 April 2015 - 05:45 PM.
moved from General Chat

Qh0JjLo.jpg

 

Fluttershy is best pony.


BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:11:37 AM

Posted 10 April 2015 - 05:35 PM

ComboFix usage, Questions, Help? - Look here

I have seen enough people coming here for help after ComboFix broke their machines... so yes, it is not to be used without supervision.

#3 Fluttershy

Fluttershy
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:10:37 AM

Posted 10 April 2015 - 05:36 PM

It's never broke anything for me... It fixes everything for me. Running 0access deletes the win firewall, defender, and the security center, but combofix fixes this.


Qh0JjLo.jpg

 

Fluttershy is best pony.


#4 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:06:37 AM

Posted 10 April 2015 - 06:30 PM

Hello Fluttershy,

 

Combofix should not be used without the supervision of a trained helper. This is said for very good reason. Just because you've never had trouble running the tool, certainly does not mean that everyone should use it! Every infection case is different, and Combofix handles different infections differently.

 

In many cases Combofix causes unwanted results (even with those who are very familiar with it's processes), and if/when that happens, more often than not, you're going to need the help of someone who has been trained in it's use, to fix it.

 

No antimalware tool is perfect, and none should be taken lightly. Combofix is no exception to that rule. Some aggressive, automatic routines are implemented during a run of Combofix, that you will not be able to stop from happening...you will instead, need to know how to recover from what's been done. Users who have not been trained in the use of Combofix will most definitely not know how to do this.

 

I hope this answers your questions! :)

 

bloopie



#5 Fluttershy

Fluttershy
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:10:37 AM

Posted 10 April 2015 - 06:48 PM

Hello Fluttershy,

 

Combofix should not be used without the supervision of a trained helper. This is said for very good reason. Just because you've never had trouble running the tool, certainly does not mean that everyone should use it! Every infection case is different, and Combofix handles different infections differently.

 

In many cases Combofix causes unwanted results (even with those who are very familiar with it's processes), and if/when that happens, more often than not, you're going to need the help of someone who has been trained in it's use, to fix it.

 

No antimalware tool is perfect, and none should be taken lightly. Combofix is no exception to that rule. Some aggressive, automatic routines are implemented during a run of Combofix, that you will not be able to stop from happening...you will instead, need to know how to recover from what's been done. Users who have not been trained in the use of Combofix will most definitely not know how to do this.

 

I hope this answers your questions! :)

 

bloopie

 

Alrighty, thanks for the input.


Qh0JjLo.jpg

 

Fluttershy is best pony.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:37 AM

Posted 10 April 2015 - 07:09 PM

Why do people insist Combofix be used by a 'trained helper'

Adding to what has been said...sUBs, the developer of ComboFix, insisted his tool only be used under the supervision and guidance of trained experts since it was first released. That is why his disclaimer clearly states..."ComboFix should never be used in an unsupervised environment".
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Fluttershy

Fluttershy
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:10:37 AM

Posted 10 April 2015 - 07:18 PM

 

Why do people insist Combofix be used by a 'trained helper'

Adding to what has been said...sUBs, the developer of ComboFix, insisted his tool only be used under the supervision and guidance of trained experts since it was first released. That is why his disclaimer clearly states..."ComboFix should never be used in an unsupervised environment".

 

But what defines a 'trained expert'

I would call myself one.


Qh0JjLo.jpg

 

Fluttershy is best pony.


#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:37 AM

Posted 10 April 2015 - 07:18 PM

I've used it a lot, it doesn't break your machine.


This argument could be used in pretty much every situations there is, however, it's not because there's an exception that it means that everything else is false or not based on anything else. Just keep that in mind :)
 

But what defines a 'trained expert'
I would call myself one.


Why would you call yourself one? Were you trained to use ComboFix or do malware removal?

Edited by Aura., 10 April 2015 - 07:19 PM.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:37 AM

Posted 10 April 2015 - 07:27 PM

But what defines a 'trained expert'
I would call myself one.

Someone who graduated from a Unite School and received training in how the tool works, what it can or cannot do, and other matters we do not discuss in public.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 Fluttershy

Fluttershy
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:10:37 AM

Posted 10 April 2015 - 09:47 PM

 

I've used it a lot, it doesn't break your machine.


This argument could be used in pretty much every situations there is, however, it's not because there's an exception that it means that everything else is false or not based on anything else. Just keep that in mind :)
 

But what defines a 'trained expert'
I would call myself one.


Why would you call yourself one? Were you trained to use ComboFix or do malware removal?

 

Probably because I used to study malware a lot (Like Danooct1)

and it's just so easy for me to remove malware from computers now, so people come to me in rl for help.


Qh0JjLo.jpg

 

Fluttershy is best pony.


#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:37 AM

Posted 10 April 2015 - 09:49 PM

Studying malware doesn't mean that you know how to remove them. I know a lot of people in real life that are "good" at technical support, yet don't know anything about malware removal. Malware Removal is mostly about knowing Windows too, and knowing how to proceed to not mess up the system itself. Also, your definition of "study" might not be the definition of "study" of other members here to do this for a living, like Fabian Wosar, White Hat Mike, Didier Stevens, etc.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 Fluttershy

Fluttershy
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:10:37 AM

Posted 10 April 2015 - 09:51 PM

Studying malware doesn't mean that you know how to remove them. I know a lot of people in real life that are "good" at technical support, yet don't know anything about malware removal. Malware Removal is mostly about knowing Windows too, and knowing how to proceed to not mess up the system itself. Also, your definition of "study" might not be the definition of "study" of other members here to do this for a living, like Fabian Wosar, White Hat Mike, Didier Stevens, etc.

Yeah, I do it for a living too.

 

It's just hard to explain for me. I know a lot about Windows. I can't really find the words to explain really.

But all I can say is, yeah, I'm good at this stuff.


Qh0JjLo.jpg

 

Fluttershy is best pony.


#13 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:37 AM

Posted 10 April 2015 - 09:52 PM

Can you prove that you do this for a living? That you are really as good as you are? It's the Internet after all, so it's hard to prove these things. All the members I mentionned above others have some sort of portfolio or position in a company that shows their skills and/or post content publicly that proves it.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 Fluttershy

Fluttershy
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United Kingdom
  • Local time:10:37 AM

Posted 10 April 2015 - 09:56 PM

Can you prove that you do this for a living? That you are really as good as you are? It's the Internet after all, so it's hard to prove these things. All the members I mentionned above others have some sort of portfolio or position in a company that shows their skills and/or post content publicly that proves it.

Nah, I don't want to go any further.

This'll probably turn into a pointless argument.


Qh0JjLo.jpg

 

Fluttershy is best pony.


#15 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:37 AM

Posted 10 April 2015 - 09:58 PM

Well I think the discussion is pretty much done since a member of the MRT explained why this warning is posted, and also quietman confirmed it with sUBs' sayings as well.

Edited by Aura., 10 April 2015 - 09:59 PM.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users