I'm not sure if this is the best place to post this but I couldn't find another forum I thought seemed better...
That said, We have an interesting issue at my office involving PC's that we've use combofix on...
Over the years it's been a great tool in helping with malware related matters and we were even using it as part of routine maintenance scan at one time on our computers but recently we've discovered a problem which affects any PC we run it on whether it finds anything on the system or not (we've tested with brand new PC's with fresh Windows 7 installations in addition to errant PC's).
We use Oracle to manage the company's assets and are in the process of moving to version 12c and we will be utilizing Java webstart with it (so we are no longer browser dependent for the Oracle Forms). Any computer that has had combofix run on it seems to no longer be able to have Java/webstart applications communicate to externally to the system or other apps anymore. In particular we have an Oracle Form using the 'web.show_document' function call to open a PDF report which is sent to the system's default web browser initially and opened. We've also tested this function call simply having it open Google as well - no go.
Any computer that has *not* had combofix run on it works just fine (browser opens right up to whatever page or link we send to it) but as soon as we run combofix (even if nothing is found) the system will no longer work properly and this function call will no longer be able to pull up anything.
Right now the only solution we've found is to reinstall Windows - system restore to a time before CF was ran does not work, completely clearing out the Java installation (registry entries and all) and reinstalling does not work nor does anything else we've tried.
I have about 50 computers between sites in 3 states that are going to need this corrected and having to back up each one's personal files, reinstall Windows (including drivers and ancillary software if we don't have an image already made for the machine), set the system back up for use on our network and then restore the user's files takes a long time... and to have to do that for this many machines is not only difficult but I also have to plan trips to these sites and may very well run out of time depending on how long things take - I can only guess when I make my plans.
Does ANYONE on here have any idea what exactly combofix changes on the system that might affect this and potentially fix that so what I'm talking about works again? This would save me a boat-load of time and work if so! I have to leave for Texas to service about 15 of these machines in the next few weeks so I am hoping to figure out something better and much more time-efficient before then.
Any help is appreciated - thanks in advance!
Mod Edit .... Moved to Antivirus Tools ~~ boopme
Edited by boopme, 30 May 2017 - 10:12 AM.