Welcome to BC arcanewulf
Your points are noted and I will attempt to address them.
The issue is that AVG (and other anti-virus programs) are detecting ComboFix as malware. Certain embedded files that are part of legitimate programs or specialized fix tools such as ComboFix may at times be detected by some anti-virus and anti-malware scanners as "malware" (virus/trojan) when that is not the case. When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files that appear suspicious or which can potentially be used for malicious purposes. These detections do not necessarily mean the file is malware or a bad program. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may automatically remove them. Normally this is avoided by temporarily disabling the anti-virus until the tool has been run, but this has not worked successfully with AVG. Further, AVG is aware and as the vendor it's up to them to stop targeting ComboFix as malware. Until then, sUBs is not going to make himself liable when he knows serious issues can occur if he allows ComboFix to be used while AVG is installed and, as the developer, that is his decision to make.
As for using ComboFix under trained supervision, again that is the policy of its creator who has the right to set such criteria if someone wants to run his tool, just like any other security vendor. Keep in mind that when dealing with malware infection, using ComboFix is only one part of the disinfection process. Preliminary scans from other tools like DDS should be used first because they provide comprehensive logs with specific details about files, folders and registry keys which may have been modified by malware infection. Analysis of those logs allows planning a strategy for effective disinfection and a determination if using ComboFix is necessary. ComboFix was never meant to be used as a general purpose malware scanner like SuperAntispyware or Malwarebytes' Anti-Malware which scan individual drives or different folders on a computer for viruses.
As for the warning, it's not that ComboFix is dangerous, but that it is a powerful and complex tool. When issues arise due to malware infections, possible false detections, problems running ComboFix or with other security tools causing conflicts, experts are usually aware of them and can advise what should or should not be done while providing individual assistance. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment.
Even if used by following this authorized guide: A guide and tutorial on using ComboFix, something could go awry and leave the user facing issues they do not know how to correct or deal with. Trained helpers know what to do in most situations and can provide further instructions as to how one should proceed. If not, they have access to the tool's developer and other experts. Someone not trained and not using the tool under guidance may end up staring at a computer that no longer will boot normally.