Is combofix a trojan itself?

January 20, 2010 at 11:42:53
Specs: Windows XP
It was detected by various antivirus programs. Do not use combofix; it installs a virus. There are some *old* posts which promote installing combofix. Hell, there is even a GOLD MEMBER promoting this botnet program. Please delete combofix from your forum.

January 20, 2010 at 15:26:47
ComboFix is awesome. Antivirus software is sh|t.

What - you think they'd promote free software that directly competes with them, AND does a much better job than they do?

January 21, 2010 at 00:34:30
If you have a rootkit on your computer, it evades your antivirus program and antimalware program, thus it EVADES "combofix" as well. Some rootkits detect combofix and in turn delete all your files from your hard disk. The ONLY thing to do in this case is to:

* Restore your backup again, but use ANOTHER boot disk that's NOT infected, for instance a CD-R (which can't be written to). DO NOT USE THE SAME COMPUTER TO BURN THE BOOT DISK. (Atapi.sys might be infected too, the driver which is used for CD-R/RW and DVD.)

* Use another computer to scan the hard disk infected with the rootkit. This other computer will find the files responsible for booting up the rootkit along with your operating system! How to remove it is similar to how you remove startup items from your own computer with msconfig (if you use winXP).

* When you use GMER and your computer "hangs" if you select full scan, but this program detects hidden files, you are certain this is a rootkit. A rootkit could hang your computer if you use certain programmed software which it "knows" could be present. However, if you use software which isn't detectable by the rootkit you could show where it resides, but cannot let the computer which is affected delete it by itself, because it became part of the OPERATING SYSTEM.

I challenge ALL antivirus companies to complete their packages, because as far as I can see they did a good job in history but are at a HUGE DISADVANTAGE for now and in the future.

* Remember when you buy a new computer: BACKUP ALL YOUR SOFTWARE, AND CREATE MEANS TO BOOT YOUR COMPUTER UNINFECTED. That's if you EVER want to remove an infection manually.

* Combofix is detected by Ad-Aware, Panda Antivirus and AVG Antivirus because a signature was found. Well, if a signature belongs to some kind of virus or malware, if you have a black cat, why would your cat suddenly become white :-)

January 21, 2010 at 19:21:59
In your references to Combofix, what you are saying with such confidence is a common fallacy.

There is nothing sinister about Combofix. To remove a difficult and replicating trojan it has to adopt similar tactics. That is why it is so effective and also why it can fool virus checkers (which should be turned off when it is run). It should however only be used with the guidance of experts.

Read up on the detail about exactly how Combofix works before making such sweeping statements.

some other bloke...

