Saturday, July 4, 2009

ComboFix

Is ComboFix a rootkit scanner? Gmer and RootRepeal (beta or not, it is an excellent tool for finding rootkits) use specialized techniques for finding rootkits. ComboFix covers a broad range of other infections and cannot key in on a rootkit or rootkits; besides, some of the rootkit entries are removed by a CFScript.

As some of you know, ComboFix is a very powerful tool intended by its creator (sUBs) to be "used under the guidance and supervision of an expert", NOT for private use.
So why use it as a rootkit scanner when there are Gmer and RootRepeal? And why take a chance on doing damage to your computer with ComboFix?

ComboFix was used for QooLogic, the Purity infection, SurfSideKick and Look2Me. These are old infections. The point of the combo was to remove this group in one scan, and some Vundo as well. Today ComboFix is mainly used for Vundo, and it replaced Vundofix some time back. ComboFix is also used for a lot more infections, including some rootkits. That's why ComboFix is updated every day for newer infections and other things as well. ComboFix will remove a lot of bad entries in one scan. For whatever is not removed, the helper writes a CFScript for the user to run. This is one of the things that are great about ComboFix. Note: Please read: DO NOT USE COMBOFIX on your own without supervision!!!
I'll talk about malware in my next blog, but I had to post this about ComboFix because some end users are posting ComboFix logs in the help forums without any guidance from a qualified helper, saying they have a rootkit on their PC.


In my next blog, we'll talk about malware.

If these tips helped you, or if I helped you elsewhere, please help me to continue to fight malware by making a donation. It also lets me donate to the authors of the tools we used to remove malware. Just click the PayPal Donation Button below:

Thank You Kenny (Kenny94)









