Nice explanation by Tom about the distribution method! If anyone sees ComboFix offered at any location other than the normally supplied download links by security analysts, walk away quickly as there is no way of knowing what the file contains. It would most definitely not be an authorized download site. In addition, it would not be the most recent version, the program being changed regularly to deal with new malware.
Quote: Originally Posted by ICit2lol
From the little understanding I can glean, does this app work like those regedits one does in some of the tutorials? - which is why I said I would be diving in without testing the depth of the water, so to speak.
No, it does not work like what you see in some of the tutorials here or at other sites. Techniques and procedures change. The private discussion about procedures, questions, problems, etc. among trained analysts and the developer at just one security forum is over 700 pages. That does not include the extensive tutorial or a number of related sub-threads.