QUOTE(BlueWind @ Mar 11 2011, 01:19 AM)
About Combofix and reasons behind
Combofix is intended to be used under a TRAINED MALWARE SPECIALIST because they have the knowledge on how to use Combofix properly and propose a special fix based on the log given. As powerful as it may seem, when helpers use Combofix as a tool, it often takes MORE THAN one round to properly eradicate stubborn infections which I hope this explains the powerful nature of this specialized tool. I believe we have seen enough people in LYN Tech Support forum most of the time suggest victims to run ComboFix based on their experience using it without supervision simply because they thought they had successfully disinfected the whole machine and absence of symptoms does not mean the infection is all gone. Frankly speaking, only trained specialist will only know the inner workings of CF and the way it behaves.
BEAR IN MIND that using this tool will also risk of causing BOOT FAILURE on the machine rendering it useless.
As described from Bleeping Computer :
I have seen enough people ignorant enough to propose the use of this tool whenever there appears to be a malware problem in someone's machine.
Therefore, we PLEAD everyone especially those who are untrained, DO NOT ever suggest victims to run CF and we would like to REMIND you once again that the logs generated each run from CF is solely intended use by a trained analyst.
Note : Combofix is in no way affiliated with combofix.org
Updated on 28/9/2011
So how am i going to become a train specialist in using combofix?? Combofix is intended to be used under a TRAINED MALWARE SPECIALIST because they have the knowledge on how to use Combofix properly and propose a special fix based on the log given. As powerful as it may seem, when helpers use Combofix as a tool, it often takes MORE THAN one round to properly eradicate stubborn infections which I hope this explains the powerful nature of this specialized tool. I believe we have seen enough people in LYN Tech Support forum most of the time suggest victims to run ComboFix based on their experience using it without supervision simply because they thought they had successfully disinfected the whole machine and absence of symptoms does not mean the infection is all gone. Frankly speaking, only trained specialist will only know the inner workings of CF and the way it behaves.
BEAR IN MIND that using this tool will also risk of causing BOOT FAILURE on the machine rendering it useless.
As described from Bleeping Computer :
I have seen enough people ignorant enough to propose the use of this tool whenever there appears to be a malware problem in someone's machine.
Therefore, we PLEAD everyone especially those who are untrained, DO NOT ever suggest victims to run CF and we would like to REMIND you once again that the logs generated each run from CF is solely intended use by a trained analyst.
Note : Combofix is in no way affiliated with combofix.org
Updated on 28/9/2011