|
|
Post by mikkh on Dec 21, 2008 21:10:12 GMT
download.bleepingcomputer.com/sUBs/ComboFix.exeThis is not to be used lightly or for no reason. It's basically a last gasp effort to get a badly infected PC up and running again - which it does quite often. It's a very clever little utility that checks it's own date/version and will not work if you're trying to use an old version - in fact it will delete itself The above link is updated often, so you will get the latest version there, but don't store it anywhere for later use, unless you update it frequently, because if you don't use it in a few weeks, it will be superceded by a newer version. It checks for the more stubborn infections and either fully or partly removes them to make the system more stable - and allow other software to work again. There is a warning that it could possibly break the system, but I've used it dozens of times and never had a problem Be sure to let it complete, as it can take a few minutes on an older system. Highly recommended
|
|
|
|
Post by lazysod on Jan 13, 2009 20:30:47 GMT
Thanks Mikkh I will save the link for emergencies.
|
|
|
|
Post by moralterror on Feb 17, 2009 11:31:57 GMT
This is not to be used lightly or for no reason. ComboFix is a wonderfull and very powerful tool but very dangerous in the wrong hands. It's recommended you seek help from a trained advisor in the approved forums. ComboFix is a private tool if you decide to run ComboFix unsupervised then you do so at YOUR OWN RISK. It's a very clever little utility that checks it's own date/version and will not work if you're trying to use an old version - in fact it will delete itself It used to do that. ComboFix used to delete itself if it was older than 10 days. Reason for that is ComboFix is updated several times a day, after 10 days newer infections would be appearing so the older version would be considered prehistoric. Now though it will ask if you want it to download the newer copy for you. There is a warning that it could possibly break the system, but I've used it dozens of times and never had a problem I do analysis in the forums and haved used ComboFix hundreds of times and have seen ComboFix break many systems. Mostly it's down to user error however other factors do come into the equation eg new infections affecting the running of ComboFix. That's the main reason why it's recommended you seek help in the approved forums before running ComboFix. If your in the forums then analysts, experts and developers would all rush to your aid should ComboFix break your system. If you run it on your own then it's YOUR OWN RISK Be sure to let it complete, as it can take a few minutes on an older system. ComboFix should take an estimated 10 minutes to scan, this is mentioned at the start of the scan and it is stated it may double if badly infected. I have seen it take over an hour to scan and then have to wait 10 or more minutes for the log to open in notepad. It is highly recommended you do not open ANY programs until the log appears. The only Official Guide for ComboFix can be found at www.bleepingcomputer.com/combofix/how-to-use-combofix It includes alternative download links in case mikkh's link is unavailable. It also includes a list of approved helper forums. |
|
|
|
Post by jojo on Nov 14, 2009 14:41:41 GMT
If the Microsoft Windows Recovery Console is not downloaded, is there likely to be any harm done to the machine?
I ask because a friend has an infected machine. I cannot get to it. He has no internet access.
I intend to download Combofix for him, put it onto a memory stick and he will use it about 48 hours later.
But, of course, he won't have the Recovery Console and won't be able to install it later.
Any advice?
Also, any advice of other programs that I can send him.
|
|
|
|
Post by mikkh on Nov 15, 2009 11:39:40 GMT
The recovery console is not essential for it to work, and having followed the advice I wasn't too happy to see it re-enable services I'd deliberately disabled for a quicker running system.
If you don't mind it resetting your services to ultra safe level - install it, otherwise ignore it
As your friend has no internet access, the decision has already been made though. It should still work though
|
|
