From the Wikipedia article: "ComboFix is an executable software, intended for users with advanced computer skills to run only on occasions where a regular antivirus would not detect certain malware, or where an antivirus cannot update or otherwise function. This cleaning utility runs itself and scans the entire computer system, including more notable areas such as the registry and the system root files, where most prevalent malware are most likely to hide. Furthermore, ComboFix also displays a report of malware that were not able to be removed. The report is accepted by many forums, where experienced users analyze them and advise users further steps of action." http://en.wikipedia.org/wiki/ComboFix
Same here, ComboFix has saved my ass when my Dad managed to get XP Antivirus 2008 on his rig. That thing was a bitch but ComboFix cleaned it up. If you need help running it, just go to www.techguy.org or one of the other sites. If you ask right you will get quick competent help there.
I've already mentioned this here before, but combofix is the ultimate last resort killer of any pest/rootkit etc. Think of agent orange vs. soap. If nothing else will find it and weed it out, combofix will. Only it goes into your registry files and stuff normal software doesn't mess with, so if you somehow accidentally disable it while it is working, you may very well damage your computer. That is why they advise not using it without supervision. I've never had any problem other than sometimes when it reboots, your AV may turn back on, but I was ok with turning it off in mid-stream.
one of the safest ways to remove a 'virus' is to find its name and google search it one place you'll find the name is in the HijackThis list - anything that's there that wasn't before, Safe Mode, 'System scan save logfile' also followng an AntiVir scan, it'll list Detections, Suspicious files, Warnings and Hidden Objects; the only file it'll list after a clean scan in Warnings is the pagefile which will be reported as 'can't open'; anything else listed but not having been removed may be a problem if you copy the letters after the last \ for example TCLOCKEX.EXE in: O4 - HKCU\..\Run: [TClockEx] C:\Program Files\TClockEx\TCLOCKEX.EXE and search for that you're likely to find others who've had the problem and how it's been resolved, which may or may not include the use of combofix usually the people/sites that provide the removal help want you to post a Hijack log, so if you don't have it: http://us.trendmicro.com/us/products/personal/free-tools-and-services/index.html see also: http://www.hijackthis.de/