ComboFix is an Anti-Malware tool used by advanced malware technicians
specifically trained in its use.
Please DO NOT USE COMBOFIX on your own without supervision!!!
We ask that you obey the warnings about using this tool. Why?
The warnings are given for a reason and one of them is to inform our members
about the consequences that may occur when using ComboFix in an unsupervised environment. Yes, ComboFix is an excellent but powerful tool. I liken it to Acetaminophen (Tylenol). Used correctly, the drug will help with your aches and pains. Used incorrectly, it can destroy your liver and eventually kill you. The same scenario applies to ComboFix. Used in untrained hands this tool can disable your computer and in some cases can make it unbootable.
A few comments from one of our malware experts, Papakid
Running ComboFix by yourself is like performing open heart surgery on yourself--the scalpel and other surgical tools that is ComboFix is meant to be wielded by a highly trained surgeon only in emergencies or dire circumstances. When the surgeon is thru s/he leaves the room. So combofix should be removed from a system once it has accomplished its job, unlike an AV that is there to protect you from future infections.
. . . CF does make some alterations to your system if you run it. Even if you had no malware removed and run the uninstall command, some things may be different now on your system. I can tell you that one thing is that all your restore points will be flushed out and a new one created. There is a good reason to do that when you have a severe infection--but if you aren't infected you might need those restore points.
Read and abide by the disclaimer people. It's there for a reason. Stick to running and protecting yourself with a good AV and firewall and an anti-malware scanner or two. If you feel you need a second opinion, try running online scans. If you feel you might need surgery, come here to BC and ask for help--that is what we're here for.
The following is our standard warning when we see its use mentioned outside of an advance malware forum:
You should not be using Combofix unless instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert", NOT for general public or personal use. Combofix was never meant to be used as a general purpose malware scanner like SuperAntispyware or Malwarebytes' Anti-Malware. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read Combofix's Disclaimer.
Bleeping Computer and sUBs will not be responsible for any damage caused to your machine by misusing or running ComboFix on your own. Questions about ComboFix and how it works:
Sorry but discussions pertaining to how Combofx works, what it can or cannot do, what the log results mean, any future plans, updates, etc is not available to the public
in order to safeguard and protect the integrity of the tool
from malware writers. As such, the developer does not want his tool discussed outside of private forums and therefore we cannot answer specific questions. The only public information that is available can be found in this authorized guide: How to use ComboFix ComboFix logs, where should I post them?
ComboFix logs are not
permitted outside the HijackThis Logs and Malware Removal
forum and then only when requested by a HJT Team member. However, if you ran ComboFix on your own due to malware infection, please be aware that a ComboFix log is only one part of the disinfection process. Therefore we ask that you please read the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log
". When you have done that, post the required logs to include your ComboFix log in that forum, NOT here
, for assistance by the HJT Team Experts. A Statement about Malware Removal
There are no guarantees
when it comes to malware removal and that includes the scanning and specialized fix tools we use. Infections will vary and some will cause more harm to your system than others. Thus, sometimes it takes several efforts with different, the same or more powerful tools to do the job. Even then, with some types of malware infections, the task can be arduous and can produce disasterous results after using the available tools and security scanners for disinfection. How can that happen?
All scanning tools are susceptible to glitches, bugs and false positive
detections and removal of critical files from time to time resulting in computers that become unbootable or get stuck in an endless reboot loop. Even major anti-virus vendors are not immune to such issues either and here are just a few reported examples.
In most cases when these problems occur, the anti-virus vendors and security tool developers take quick action to correct the problem and provide support to those users who have been affected. I used ComboFix on my own and encountered problems. What should I do?
Take responsibility for your decision to use ComboFix despite the numerous warnings that are provided not to use the tool in an unsupervised environment rather than attribute blame to others.
With that said, we at Bleeping Computer will try to assist our members if they encounter a problem and ask for help. We understand that even under the supervision of an expert, something can go wrong to include false positives on critical system files resulting in unbootable machines or other issues. If such a scenario happened with you, here are some basic guidelines to follow:
- Start a new topic, give it a relevant title and provide a description of your problem, a summary of any anti-malware tools you have used and a summary of all steps that you have performed on your own.
- Please be specific and describe exactly what happened when you ran ComboFix. Include any error messages that you received. If your machine is bootable, providing a How to take and share a screen shot in Windows can be useful in helping to resolve your problem.
- After starting your topic, please be patient as it may take time to get an answer. False postives, glitches and bugs resulting in computer problems have to be reported first to the tool's developer and then investigated before anyone can advise what corrective action needs to be taken. That may require the developer to conduct some testing and obtain sample files for analysis. Also keep in mind that staff members are all volunteers and we assist other members as well as you when time permits. No one is paid for their work or assistance to members of our community.
- Unless you are an expert, do not reply to someone else's topic with instructions, especially if they are already in the process of getting help from a member of the HJT Team or trusted staff. If you have a similar issue, the solution could be different based on the kind of hardware, software, system requirements, etc. and the presence of other malware so please start your own topic. Those awaiting assistance, please read the pinned sticky How do I get help? Who is helping me?. It's important that you know who you should trust to take advice from.
Again, we ask that you please be patient
. It may take a while to get a response but your problem will be reviewed and answered as soon as possible.
Thank you for understanding.
The BC Staff