New
#161
I have been helping seniors in my retirement center for three years. I only used combofix one time and it allowed me to clean up the PC and get the senior back up and running. I'm by no means telling amateurs to use this powerful tool.
It's always good to have a way to recover if some thing goes wrong. I did run it one time on my PC and experienced good results. I read the malware sections on a lot of forums and seldom see combofix used. It seems to be a last resort for trained malware fighters. If everyone used a 3rd party back up program, malware fighters would be out of a job.
I did take one PC back to factory as it was requested by the senior who had been very badly infected with malware!
There are a lot of user configurable options, but they aren't publicly disclosed. Combofix has a private tutorial which is over 400 A4 pages long.
Jacee and cottonball are the only qualified helpers I know of here (sorry if I've forgotten anyone!). Most helpers can be found here:
http://uniteagainstmalware.com/instructors/
http://uniteagainstmalware.com/eliminators/
cottonball isn't on that list as he helps under a different username at malware removal forums.
We generally do not have Combofix help here as it is quite specialized, and there are dedicated security forums who do it regularly. If you need malware help that requires Combofix, they will instruct you to use it, and how
A Guy
No problem, glad you found it useful.
I understand where you're coming from but it's kept private to stop people recommending it without the necessary training and damaging the computers of unknowing OPs here and elsewhere. It's also to try and prevent malware creators from combating its removal techniques.
There are malware removal tools with public tutorials if you're interested: FRST and OTL. Ultimately, the only way to learn safely is to do it through one of the UNITE schools.
It is not elitist. If they were getting paid, it would be one thing. But since they are all volunteering their time...The software is publicly available because the individuals have to download it somehow. But it's only meant to be used when suggested by a trained expert, and they instruct the individual in it's use for their unique situation. Since it is not meant to be used without supervision, then not making those instructions public makes sense on that alone. A Guy
I appreciate what you're saying, but if the goal is to protect users who can't use the software safely then it seems to me access to the software should be restricted instead of just withholding the instructions. Also when I've used combofix I don't remember seeing a warning and information about where to go for supervision.
Let's face it, 99% of people wouldn't bother to read the 400 page tutorial and that's not even considering, the considerable amount of background knowledge required to remove modern malware infections. It takes over 6 months to complete the training, it's not something you can skim through and hope it works.
The very first screen CF shows is this:
Source: BleepingComputer
It warns not to use it without supervision. Clicking on the link below takes you to this:
ComboFix: A guide and tutorial on using ComboFix
The warnings and information are there but most people won't think twice before disregarding them.You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.
It should also be noted that when you run ComboFix it will automatically delete files from the following locations:
Windows Recycle Bin
Temporary Internet Files
Temp Folder
If you store files that you wish to keep in one of these location, it is suggested that you move them to a safer location rather than relying on the above temporary storage locations.
Please note that this guide is the only authorized guide for the use of ComboFix and cannot be copied without permission from BleepingComputer.com and sUBs. Furthermore, the ComboFix program cannot be hosted at any other site without direct permission from the developer. It is also understood that the use of ComboFix is done at your own risk.
For those who wish to help finance the author's work, he is accepting contributions via Paypal. You can contribute by clicking on the following image:
Using ComboFix
If you need help with malware removal, then please create a topic at one of the forums listed later in the guide and ask for help. Please note that each forum has different policies, so please be sure to read any pinned topics and rules for the particular forum about how you should go about receiving help. If a ComboFix log has been requested by a helper then please create one by following the instructions below.