Combofix is a freeware, portable application designed to scan a computer for known malware and, if found, attempt to remove it. I personally use this application very frequently in conjunction with SmitFraudFix to remove Win Antivirus 2008 and its variants. In addition to removing many different rogueware products, it also shows you a log of files that were created or modified in the last month to help you locate potential malware it didnt detect. For example, if there is a randomly named .dll file in the system32 folder that was created on the day of the infection but all other files are dated years ago when Windows was installed, its probably something to do with the virus.
This one is essential for any computer technician who does malware removal work.
Usage instructions can be found on the official site located here.
Download from Official Site – 2.8mb
Session expired
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.
I use it all the time. Good stuff!
We use this all of the time as well. This tool is a must have for all of you techs out there.
Great tool, we’ve been using it a bunch lately too!
Alright, portable! I’ll have to give it a shot!
Great tool. Been using this for a while.
I didn’t know about it. I’ve been using autoruns+process explorer for my malware removal needs. This will be a nice addition to them, specially that log of files created or modified in the last month.
Thanks.
Anybody knows an anti-spyware that stops antivirus 2008 or 2009 from installing on the customers computer ?
sounds good. can’t wait to put it through the torture rack!
thanks, good tools are always appreciated
Malware Bytes anti-malware removes that antivirus 2008, 2009 and other variants. Previous to using it I used a mix of super anti-spyware, combo fix and smitfraud. I find it does the Job…
This is a helpful utility program. Being portable, it has many uses. Thanks for sharing!
Scary to run this thing at first, Kaspersky was going haywire over it. It really takes control, doesn’t it? Makes sense though, it should ;)
Portables rock.
I tried Combo fix out this week and it is awesome. I wish more software would install like this. Totally automatic! Perfect!
Combofix was obtained from majorgeeks via a forum. Nothing fixed my autorun.inf problem until using this superb program. Scary to use but what a result – computer works a treat – and quicker.
I ran this on a machine and it made IE my default browser and nuked out Avast resident scanners.
I’m not very impressed!!
Piece of crap.
Been using combofix for years, usually do about 10-15 spyware removals a week at my work, run combofix first in safemode, then malwarebytes, then boot into regular windows, run counterspy and hijack this, ccleaner and you’re done!
Combofix saved me alot of headaches (after 3 hours of heartburn before I found it).
Thanks much!!!
Only thing I found that removes the Win32.Zafi.B virus it’s a very bad one that wont let you go online and cancels anti virus software like McAfee and windows firewall options. Thanks so much to whoever made this nothing I found could even detect it on my computer.
I want to combo fix up date automatically by my E-mail address.
Thanks!
Amazing tool…..the results were great!!
This program made my day…
better than vundo begone
Now i can run my pc agen
offical page will not pop up says page cannot be displayed……help me comp. really bad
If you are unable to get to combofix.org then open up the C:\windows\system32\drivers\etc\hosts file in notepad.exe and make sure it contains only the following:
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a ‘#’ symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
ComboFix is a program, created by sUBs, that scans your computer for known malware, and when found, attempts to clean these infections automatically. In addition to being able to remove a large amount of the most common and current malware, ComboFix also displays a report that can be used by trained helpers to remove malware that is not automatically removed by the program.
You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.
In other words, unless you are a trained tech, you should not be using Combofix. It can brick your machine very easily if you don’t know what you’re doing.
i am trying to compile a set of tools in advance – added now, great tool :)
i tried multiple programs today for a good 5-6 hours after visiting a bad site causing my pc to go into a reboot loop. i stumbled upon this in the hirens program and it worked like a champ!!
thank you to the creator Lawrence Abrams, u saved me a lot of money and headaches from screaming at my monitor!!
Hello all, I have used Combofix many times with no issues, BUT…I just saw the link on Bleeping computer where they have taken away the download saying the software has known errors which can cause your pc not to boot up after it is run. Not sure how many versions back this affects, but you might want to use extra caution until they repair the issue.
i’m always very skeptical when it comes to anything that ‘claims’ to do much of anything. because let’s face it – there’s not much out there that actually works.
combofix works – bottom line.
it does what it’s supposed to do, with no frills or fancy crap to go along with it. which is great for someone like me, because i loathe ‘purdies’. i also loathe stupid little programs that people install which claim to fix something, but only add to their original problem.
i’ve used combofix since the very first ‘version’, and it has always done the job quickly and efficiently.
as someone who has done much programming and technical work (since 1980) i have a great admiration for the creator(s) of combofix.
thanks guy(s) :)
I used combo fix today and it worked well. However, I don’t know how to read the log. Does anyone know where I can learn some of the key rudiments of reading this log?
combofix fixed my google-redirect virus! The log means nothing to me, either, but I don’t care! Firefox is running normally again! :D
Thank you! Thank you! Thank you!
I’ve used ComboFix successfully DOZENS of times the last few years on desktops and laptops, running 98,ME, 2000Pro,and XPPro. It has been an invaluable tool that I use in conjunction with other tools such as Malwarebytes etc, and I keep it on my Thumbdrive ALL the time.
I knew I shouldn’t use this thing. No
ability to uninstall – nothing. Now a few of
my program icons were changed, system restore
won’t restore any points, and looking at the
log, it looks like any files deleted were
in error – yes – false frigggin positives!
My computer is now running sluggish. Grrrr.
ComboFix doesn’t give anyone the chance to
OK any deletions – it just does it – caution
be damned! I don’t really know to what extent
this thing has damaged my computer, and can’t
do a sytem restore. Damn this program. And
many of the people leaving comments here are
nothing but shills – tools – especially the
ones touting MalwareBytes, which is dangerous software to a computer, just like ComboFix!
This is why combofix is not to be used, unless you are supervised by a helper. It Can make your computer inoperable, depending on the situation. There’s more to combofix than just doing a scan but that information is not available in a public forum or website. The tutorial available on bleepingcomputer is only meant to help the user run it when asked by a trained helper.