D-I-Y: COMBOFIXing Your Infected Computer!

I’ve proven this tool many times against hard-to-get spyware and malware. ComboFix by “sUBs” is a command-line tool, meaning it runs from the root directory of your system. Download ComboFix here.

It integrates NirCmd, a command-line utility “that can write and delete values and keys in the Registry, write values into INI file, dial to your internet account or connect to a VPN network, restart windows or shut down the computer, create shortcut to a file, change the created/modified date of a file, change your display settings, turn off your monitor, open the door of your CD-ROM drive, and more…”

These capabilities are why some anti-virus programs, such as McAfee, often detect ComboFix as malicious. Hence, before you run ComboFix, you’ll have to close or disable all your anti-spyware/anti-malware and anti-virus programs to let ComboFix work at its best.

ComboFix ( http://comboxfix.net ) suggests the following steps in running the tool:

  • Disable or close all anti-spyware, anti-malware and antivirus real-time protection, which may affect ComboFix.
  • Download the latest version of ComboFix (2.8 MB) and save it to your desktop.
  • Close all programs on your computer.
  • Double-click ComboFix.exe on your desktop.
  • When ComboFix has finished, it will create logs for you.

(note: If you’re using an old version of ComboFix, you’ll be prompted that ComboFix has already expired; soon after, ComboFix will exit and your copy of it will self-destruct. To be sure you’re using an updated version, first connect your system to the internet without running a browser or any other programs. ComboFix will prompt you to update your copy. After downloading the updates, ComboFix restarts.)

It normally takes 10 minutes to scan your system, but it will take longer if the system is heavily infected. My latest ComboFix scan took more than 30 minutes.

My last ComboFix scan reached Stage 50.

ComboFix deletes the unwanted foreign objects in your system… It can unhook any .dll file in the system32 folder.

When done, ComboFix creates a log where you can read the details of its scan results…


6 thoughts on “D-I-Y: COMBOFIXing Your Infected Computer!”

  1. Actually, I just formatted my laptop running Win7 (I regretted having no image or any backup of my files) after it experienced a “blue screen” and I was unable to access my files thereafter. The said “blue screen” was the result of a cancelled Windows 7 Update. It happened when I pulled my battery out after detecting either very slow processing or a hang-up situation. Just to share my experience, though I found no solution to that situation. Appreciate your thoughts and/or inputs on it. Thanks much JunTar!


    • The B.S.O.D. (Blue Screen Of Death) is a safety measure of the Windows system to avert further damage to your system. When you experience a “blue screen”, your system can restart back to its original state unless the error persists. Why are you formatting your system? Did it fail to restart?

