Doing phone-based remote tech support all day, one of the things I run across often is a user who has gotten a virus. In a corporate environment it's important to watch the EULA on free programs because you could get your company into a heap of trouble. There are tools we are not able to use anymore due to changes in the EULA (yes, I mean you, MalwareBytes). While I still like MalwareBytes, in the search for a new tool to provide quick anti-virus support for those nasty little critters that get through our corporate solution (no anti-virus is a one-stop shop, no matter how good they claim to be) we stumbled across ComboFix.
The main problem with ComboFix is that there is only one place we know of that is safe to get it from. Because it works so well, hackers try to spoof it or distribute fake versions of it. Walking a user through going to Bleepingcomputer.com and then to the ComboFix download section can be difficult at times, so I wrote a script to automatically download ComboFix to your desktop.
ComboFix doesn’t have a built-in update feature, so I made my script with that in mind: it will delete the older copy from your desktop, then download the new one and tell you when it's done.
ComboFix works kind of like a “Fire and Forget” missile for viruses and malware: once you run it, it takes off and doesn’t stop until it's done. Once it's done, you reboot, and IF your virus is fixable, it's gone.
The site we get ComboFix from is bleeping computer<dot>com and the link is here.
If anyone wants a copy of my AutoIt script, let me know.