Over the years I’ve had to deal with a number of viruses and I count myself successful if I am able to remove them without having to re-format the machine. Recently I ran across an XP OS virus that was absolutely diabolical and, in addition to hijacking web pages, blocked anti-virus executables from running, anti-virus programs’ access to the Internet for updating and installing, and so on. It was a loop of frustration as it was impossible to treat the virus under Windows XP as it was blocking every attempt to get at it.
After a lot of wasted time I finally located a few free AV tools that got underneath the virus and let me wipe it out. I downloaded these from another PC and put them on a thumb drive attached to the infected PC, and then ran them off the thumb drive. You could also do the same with a burned CD.
Hijack This did nothing to remove the virus as after deleting the virus lines it just kept reloading the corrupted registry initialization modules, but it was handy in letting me see the suspicious entries.
Combofix runs as a *.com not an *.exe file to fool the virus exe blocking. It runs in DOS (or pseudo DOS) mode. You need to boot the infected PC into safe mode and run it from there. It was the key program that was able to get underneath the virus’s system lockdown and knock it out enough for -
Hijack This to remove the suspicious virus lines permanently, and allow net access and then -
Malwarebytes to install and delete most of the viruses and then -
I wouldn’t recommend hijackthis unless you know how to read the logs.
At this point, Malwarebytes is by far the best tool.
Combofix probably works well, but can create some very serious problems if there’s a mistake. It has too many warnings of trouble for the average user to use it without someone giving guidance.
Are we thinking of the same product? Combofix is basically a low level AV scrubbing tool that is basically DOS/pseudo DOS script launched (most often) in XP safe mode for hard core worm/Virus infestations that have locked the PC solid in standard boot mode. There are almost no “decisions” to make re viruses when running it. It runs, reboots, reports then closes. When the system re-boots the core viruses are still there but it has (for that boot) knocked out their auto-loading mechanisms and registry entries, and it’s at that point of vulnerability you can use malware bytes and/or other AV programs to scrub them.
By the time you need combofix the system is usually locked down tight by Trojans and the only other choice is most often re-formatting. Its relative “risk” factor in that context is pretty low IMO.