Focus on Virus
RE: Malware database Jan 17 2011 01:04PM
Anshuman Anil Deshmukh (anshuman cybage com) (1 replies)
Hi,

I am assuming here that the user using this tool will go through the help
file before he uses ComboFix. It requires very basic steps like enabling
system recovery, disabling existing antivirus, etc. If this is not done, the
tool warns you with a strict warning which I think every user should read
and understand. If the user doesn't understand this then it is out of my
control. It is a basic understanding that the user backs up the critical
information before he executes any tool, and the sole responsibility of
executing it would be the user's responsibility.

Just to inform you that I have used this tool on several occasions and I
didn't find any issues in it. There was no such occasion where I have seen
that this tool has failed and harmed any of the systems. All tools specified
are not just googled and suggested, but they are used regularly by me and so
was the recommendation.

I hope this clarifies well!

Regards,
Anshuman

-----Original Message-----
From: David H. Lipman [mailto:DLipman (at) Verizon (dot) Net]
Sent: Monday, January 17, 2011 6:06 PM
To: Anshuman Anil Deshmukh
Subject: Re: Malware database

No.

ComboFix is not an anti malware utility that is to be used outside an anti
malware forum and without guided assistance by a forum helper.

I know the author and I know the tool and I know the damage the tool can
cause if used improperly or used under certain circumstances.

Dave

Date forwarded: Mon, 17 Jan 2011 02:23:28 -0700 (MST)
Date sent: Sat, 15 Jan 2011 00:09:18 +0530
Forwarded by: focus-virus-return-3811 (at) securityfocus (dot) com
From: Anshuman Anil Deshmukh <anshuman (at) cybage (dot) com>
Subject: RE: Malware database
To: Huffen Doback <huffen.doback (at) gmail (dot) com>,
<focus-virus (at) securityfocus (dot) com>

> Hi Huffen,
>
> Following are my suggestions-
>
> 1. Kaspersky, one of the leading antivirus vendors, has a removal tool which
> is Kaspersky Removal Tool; though the size of the tool is a bit bulky, i.e. around
> 80 MB. The good part of this tool is that it generates the report of the scan in
> a very detailed manner and lets you know about each process on the system and has
> a good feature to provide you with suggestions like making the system more
> secure like disabling autorun, etc.
>
> 2. GMER tool. Search Google and the first site that appears in the list is
> the one. It scans the system thoroughly and highlights the suspicious file,
> process in RED. It can detect any rootkit installed in the system. It also has
> inbuilt capabilities for executing the registry, command prompt in case
> the worm has disabled the functionality. Ensure that this tool is executed
> in safe mode without the network option.
>
> 3. COMBOFIX, a program that cleans all types of infections automatically.
> Even if for some reason it fails, it can help you to remove malware by giving
> you an extensive report.
>
> I hope this helps!
>
> Anshuman
> Sent from Blackberry
>

--

Mr. David H. Lipman
DLipman (at) Verizon (dot) Net
Yahoo IM: david_h_lipman

