Combofix

Gnosis

Thread author
Apr 26, 2011
So is Combofix pretty stable these days? Are crashes related to its removal process rare? Is it generally safe to run (as far as not crashing the OS) if you are sure to shut down all realtime security including firewalls? Does it still have the "Qoobox"?
 
I have a very different opinion of Combofix than many others.

I used to use it in the past to remove infections, but most systems would still have corruptions after using it, resulting in Windows having to be re-installed anyway to fix problems. It can remove many infections but fails to fix most system corruption. The success rate of system stability is really low after running it.

I don't recommend it, to me it was just an unnecessary step that didn't solve most issues.

I know many security geeks praise this product, but in all reality if you remove malware as a business like myself, you don't have time to mess with products like Combofix when the success rate is not going to be good most of the time.


Thanks.:D
 
I used Combofix myself and I totally understand Littlebits' points on it,
and I have to agree I would not recommend it either.
With some infections it can do more damage than good.
 
I have had mixed feelings with it. While I have used it 5 or 6 times with no ill effects, I have always been a little skeptical of it. Though like you say, many geeks swear by it. I guess maybe it is a good last resort, but hopefully tools like HitMan Pro and KBRD can take care of the mess before that point.
 
I wouldn't even use it as a last resort, if the infections are that bad where no other tools can remove them then it is time to re-install Windows.

Combofix is developed by BleepingComputer.com forum members.
They are a bunch of security geeks that know a lot about malware infections but not a lot about developing. It is not known if these members are professional developers. To use it correctly you have to do a lot of reading, which takes more time than a simple re-install of Windows. In my experience with it in the past, a simple malware removal with Combofix completely destroyed Windows several times and I had to re-install. It can be more destructive than the malware infections.

You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.

It is also understood that the use of ComboFix is done at your own risk.

Warning posted on MajorGeeks- http://www.majorgeeks.com/Combofix_d6402.html

And Softpedia- http://www.softpedia.com/get/Antivirus/Combofix.shtml

The same thing applies to RKill. It is completely unnecessary because you should always remove infections in Windows Safe Mode; most malware can NOT run in Safe Mode, so why would you need to kill a process that can NOT even run? In my opinion these kinds of tools are only good for security geeks who have a whole lot of time on their hands and like playing around with malware.

I'm surprised by the number of removal guides recommending Combofix and RKill; professional computer techs never use these kinds of tools.

Thanks.:D
 
Completely agree with Littlebits.

The best possible option for general use is to back up your image and have some kind of rollback tool to go with it.
It took me less than 5 minutes just to roll back the whole system partition in case of a disaster.
This also saves hassle and time compared to reinstalling Windows, and some of us don't even have a Windows installer disk.
 
Don't know about everyone else, but I'm one of those people that if there is an infection I would either use MBAM or HMP and Trend ;) and if that fails revert to a backup, and if all else fails yes like Littlebits said do a complete re-install. Fixes ALL cases of malware.
 
What I usually do is create a second partition on the drives (if not already present) and move his files there. Back them up to an external HDD. Back up his software licenses, run some classic scanners and repair tools (HMP, MBAM, EEK, etc.) if I have time. If not, I reformat.

I play with Combofix and others only if my customers have some data/software I can't back up/reinstall, and only after warning them of the consequences.
 
"Don't know about everyone else, but I'm one of those people that if there is an infection I would either use MBAM or HMP and Trend ;) and if that fails revert to a backup, and if all else fails yes like Littlebits said do a complete re-install. Fixes ALL cases of malware."

Ehhh, I know how you Aussies are; when you are faced with a Windows re-install you feed your computers to the crocodiles shortly after coating them with rotten chicken guts. hehe

In all seriousness I like the system image route.
Some of us truly don't have our Windows install CDs.
 
When all is clean I ask them if they want to pay for an image backup of the system and rent space on my Ext. HDD to keep it safe ^^
 
MalwareCenter said:
Combofix is developed by BleepingComputer.com forum members.

ComboFix is developed by sUBs, Research Engineer of Malwarebytes.

From where did you get this info? Where is their development page then?

Combofix homepage is - http://www.bleepingcomputer.com/combofix/how-to-use-combofix

sUBs is a member on the BleepingComputer.com forum.
http://www.bleepingcomputer.com/download/publisher/subs/

All donations for Combofix go to BleepingComputer.com All Rights Reserved.

Enjoy!!:D
 
@MRF71: both, since some tools can't find all serials

LicenseCrawler : http://www.klinzmann.name/licensecrawler.htm
 
Littlebits said:
MalwareCenter said:
Combofix is developed by BleepingComputer.com forum members.

ComboFix is developed by sUBs, Research Engineer of Malwarebytes.

From where did you get this info? Where is their development page then?

Combofix homepage is - http://www.bleepingcomputer.com/combofix/how-to-use-combofix

sUBs is a member on the BleepingComputer.com forum.
http://www.bleepingcomputer.com/download/publisher/subs/

All donations for Combofix go to BleepingComputer.com All Rights Reserved.

Enjoy!!:D

"ComboFix is a program, created by sUBs, that scans your computer for known malware, and when found, attempts to clean these infections automatically" source: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
 
Umbra Corp. said:
@MRF71: both, since some tools can't find all serials

LicenseCrawler : http://www.klinzmann.name/licensecrawler.htm

Thank You! :)
 
