ComboFix for Windows 10


5 replies to this topic

#1 SYSSECDEF

SYSSECDEF

  • Members
  • 5 posts
  • Gender:Male
  • Location:Phoenix, Arizona
  • Local time:03:39 PM

Posted 26 November 2015 - 10:28 AM

Recently I ran into a particularly nasty and persistent Trojan.Win32.Generic!BT from a user opening a zipped email file containing a JavaScript file. Windows 10, Outlook 2013. I would like to submit a ComboFix log but have no way to do it. Now, is it possible to use a command line switch to make ComboFix not run a Windows version check? Or is it just not at all compatible with Windows 10?


Edited by hamluis, 26 November 2015 - 10:40 AM.
Moved from Announcements/Comments to AV/AM Software - Hamluis.



#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,586 posts
  • Gender:Male
  • Local time:06:39 PM

Posted 26 November 2015 - 10:33 AM

Hi SYSSECDEF :)

ComboFix isn't compatible with Windows 10 (nor Windows 8.1 for that matter) and it isn't possible to run it via CLI to ignore the version of Windows it's running on. Even if it was possible, this could lead to a disaster since it would run on an environment it wasn't designed to be executed on and no one can predict what could happen.

Also, BleepingComputer doesn't provide instructions nor information on how to run ComboFix on your own, only if you are being assisted in the Malware Removal Area by a professional, and under his directions only.

If you want to read more about ComboFix (and also consult the FAQ), I suggest you take a look at quietman's thread below.

ComboFix usage, Questions, Help? - Look here

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • Gender:Female
  • Location:The Netherlands
  • Local time:11:39 PM

Posted 26 November 2015 - 10:33 AM

Hi there,

ComboFix is not compatible with Windows 10, and won't be so any time soon. Please see here for a list of OSes that ComboFix supports.

Also ComboFix is not meant to be run without supervision from a trained malware removal helper.

If you suspect you have a malware problem, please read this and then post a new topic with the appropriate logs in here. Someone will guide you in cleaning the machine step by step.

Hope this helps :)

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,262 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:39 PM

Posted 26 November 2015 - 04:29 PM

At this point ComboFix most likely never will be updated to support Windows 8.1 or Windows 10 since there are other alternatives (such as FRST, Zoek) which are being used by malware removal experts.

If you need individual assistance with a malware infection, other advanced tools are available but they cannot be used in this forum. Please follow the instructions provided by Alex.

If you choose to follow those instructions and post a FRST log, please reply back in this thread with a link to the new topic so we can close this one. If not, at least you know doing that is an option available to you.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#5 SYSSECDEF

SYSSECDEF
  • Topic Starter

  • Members
  • 5 posts
  • Gender:Male
  • Location:Phoenix, Arizona
  • Local time:03:39 PM

Posted 29 November 2015 - 12:41 PM

Was not aware of the FRST and Zoek alternatives. Thanks for the information. Unfortunately, I just re-imaged the machine and will have to wait for the next "attack" to actually run FRST or Zoek against it. I will, however, test these programs out and become familiar with them beforehand. Again, thanks for the information. I suppose you could close this topic out now.



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,262 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:39 PM

Posted 29 November 2015 - 12:58 PM

This may be helpful to you...FRST Tutorial - How to use Farbar Recovery Scan Tool

There isn't a public tutorial for Zoek.

As a general rule Bleeping Computer does not close (lock) topics in this forum. An exception to that rule is malware related topics...we close topics when a member has been asked to (and does) start a new topic in the Malware Removal Logs forum and posts the required logs.



