Has anyone ever tested ComboFix?
And no, I haven’t used it.
Please note that this application should only be used under the supervision of somebody trained to use it.
It can easily make a system unbootable if used incorrectly.
That is correct.
It’s an extremely powerful (and effective) tool, but as stated, it can nuke a PC in inexperienced hands.
I used it once on one of the computers at work where one of the sons of the boss loves to play with rotten links (a Virtumonde variant, if I remember well).
Note that using Combofix (or similar cleaning utilities) often becomes practically impossible if you haven’t downloaded the application prior to the infection (or if you can’t use an alternate clean computer):
some of the infections to be repaired themselves nuke your computer, flooding your computer resources to a point where internet browsing practically becomes impossible (thus keeping you from downloading the utility and, a fortiori, from submitting its report to an “expert” online) and local browsing very difficult (consequently opening the question of whether it remains possible to install and/or run a new utility).
Some of the infections I talked of are very hard to eliminate (and no tool, including Combofix, is enough if you don’t manually clean some files and registry entries) but, well, your computer is already nuked:
the choice is between coping with it as it is, or taking the risk of further(?) nuking it with some utility of which the question is to appreciate if it is less or more dangerous than the infection.
Also note that the advantage of Combofix is that it is a “general” utility: several standalone and “safer” utilities are available, and can be used together with Combofix or independently, but suffer from the disadvantage that you have to know exactly what malware is to be cleaned, thus needing to also use another clean computer to be able to connect to the internet and document, depending upon the symptoms and files written, what malware you are faced with and download the appropriate tool.
Last, and excepting e.g. MBR and BIOS rootkits, note that with some prior knowledge of what the normal files and registry writings on a said operating system are, no tool is needed and all of the job can be done, although very long and a pain in the …, in a totally manual way.