Do you have any problems? If no, congratulations. Your logs are clean now.
Please delete these files:
1. Combofix (on your desktop)
2. Get Services.zip (on your desktop)
3. Get Services folder (on your desktop)
4. BFU.zip (on your desktop)
5. BFU folder (on your desktop)
6. C:\Qoobox
Here are some tips to prevent a re-infection.
Hide system files
- Open My Computer.
- Go to Tools > Folder Options.
- Select the View tab.
- Scroll down to Hidden files and folders.
- Select Do not show hidden files and folders.
- Check (tick) Hide extensions of known file types.
- Check (untick) Hide protected operating system files (Recommended).
- Click OK.
- Close My Computer.
Flush the system restore points
- Right click on My Computer and select Properties.
- Select the System Restore tab.
- Check (tick) Turn off system restore on all drives box.
- Click OK.
- Restart your computer.
- Right click on My Computer and select Properties.
- Select the System Restore tab.
- Uncheck (untick) Turn off system restore on all drives box.
- Click OK.
- Restart your computer.
Keep your system updated
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Please ensure that you visit the following websites regularly or do update your system regularly.
Install the updates immediately if they are found. Reboot your computer if necessary, revisit Windows Update and Office update sites until there are no more updates to be installed.
To update Windows
Go to Start > All Programs > Windows Update
To update Office
Open up any Office program.
Go to Help > Check for Updates
Alternatively, you can visit the links below to update Windows and Office products.
Windows Update
Office Update
If you are forgetful, you can change some settings so that you will be
informed of updates. Here's how:
- Go to Start > Control Panel > Automatic Updates
- Select Automatic (recommended) radio button if you want the updates to be downloaded and installed without prompting you.
- Select Download updates for me, but let me chose when to install them radio button if you want the updates to be downloaded automatically but to be installed at another time.
- Select Notify me but don't automatically download or install them radio button if you want to be notified of the updates.
Java is another program that updates regularly to fix bug issues and loopholes in it. Here's the instructions for updating Java:
- Click here to visit Java's website.
- Scroll down to Java Runtime Environment (JRE). Click on Download.
- Select Accept License Agreement. The page will refresh.
- Click on Windows Offline Installation, Multi-language and save it to a convenient location.
- Run this installation to update your Java.
Besides Windows and Java that need regular updating, antivirus, anti-spyware and firewall programs update regularly too.
Please make sure that you update your antivirus, firewall and anti-spyware programs at least once a week.
Be careful when opening attachments and downloading files.
- Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
- Never open emails from unknown senders.
- Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
- Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.
Stop malicious scripts
Windows by default allow scripts (which is VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.
Backup regularly
You never know when your PC will become unstable or become so infected that you can't recover it. Follow this Microsoft article to learn how to backup. Follow this article by Microsoft to restore your backups.
Make your Internet Explorer safer
For Internet Explorer 6
- Open Internet Explorer. Click on Tools > Options.
- Click on the Security tab.
- Click on the Internet icon.
- Click on the Custom Level button.
- Under Download signed ActiveX controls, select Prompt.
- Under Download unsigned ActiveX controls, select Disable.
- Under Initialize and script ActiveX controls not marked as safe, select Disable.
- Under Installation of desktop items, select Prompt.
- Under Launching programs and files in an IFRAME, select Prompt.
- Under Navigate sub-frames across different domains, select Prompt.
- Under Allow paste operations via script, select Disable.
- Click OK to apply these settings.
- If it prompts you as to whether or not you want to save the settings, press the Yes button.
- Press OK to exit the Internet Properties page.
Avoid P2P
P2P may be a great way to get lots of stuffs, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. If you do need to use them, use them sparingly. Check this list of clean and infected P2P programs if you need to use one.
Prevent a re-infection
- Spyware Blaster
SpywareBlaster is a program that is used to secure Internet Explorer by making it harder for ActiveX programs to run on your computer. It does this by disabling known offending ActiveX programs from running at all.
You can download SpywareBlaster from Javacool.
If you need help in using SpywareBlaster, you can read SpywareBlaster's tutorial at Bleeping Computer. - SpywareGuard
Just as an antivirus program scans a file for viruses before opening it, SpywareGuard does the same thing, except that it scans it for spywares.
You can download SpywareGuard from Javacool.
If you need help in using SpywareGuard, you can SpywareGuard's tutorial at Bleeping Computer. - IE-SPYAD
IE-SPYAD adds over 5000 sites to your Internet Explorer restricted zone so that you will be protected if the website turns out to be a bad one. Sites that are in the restricted zone of Internet Explorer can't have any scripts ran, no downloads and cookies. However, you can still connect to these sites.
You can download IE-SPYAD from Spyware Warrior. Be sure to read the whole website carefully for instructions on usage of IE-SPYAD.
A tutorial for IE-SPYAD can be found at Bleeping Computer. - Hosts File
A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your PC will look up the website's IP address before you can view the website.
Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.
Here are some Hosts files:
MVPS Hosts File
Bluetack's Hosts File
Bluetack's Host Manager
hpHosts
A tutorial about Hosts File can be found at Castlecops. - Lavasoft Ad-Aware
Ad-Aware is an anti-spyware program. Like your antivirus program, please run an Ad-Aware scan at least once per week.
Ad-Aware can be downloaded from here.
If you need help in using Ad-Aware, you can read Ad-Aware's tutorial at Bleeping Computer. - Spybot Search and Destroy
Spybot Search & Destroy is another program for scanning spywares and adwares. Not only so, it has other preventive options as well. You are strongly encouraged to run a scan at least once per week.
Spybot Search & Destroy can be downloaded from here.
If you need help in using Spybot Search & Destroy, you can read Spybot Search and Destroy tutorial at Bleeping Computer. - a-squared Free
a-squared Free is also another program for scanning spywares and adwares. It doesn't have preventive features like Spybot Search & Destroy though.
You can download a-squared Free from here. - CounterSpy
CounterSpy is pretty much like Spybot Search & Destroy, but it isn't free.
You can try CounterSpy for 15 days.
Before downloading any anti-spyware programs, always check the Rogue/Suspect list of anti-spyware programs. This will save you from a lot of trouble. If in doubt, don't ever download it. - SiteHound Toolbar
SiteHound is a toolbar that warns you if you go to a site that is known to scam people, that has potentially lots of viruses or spywares or has questionable contents. If you know the site, you can enter it; if you don't, it will bring you back to the previous page. Currently, SiteHound works for Internet Explorer and Firefox only. - Winpatrol
Winpatrol is heuristic protection program, meaning it looks for patterns in codes that work like malware. It also takes a snapshot of your system's critical resources and alerts you to any changes that may occur without you knowing. You can read more about Winpatrol's features here.
You can get a free copy of Winpatrol or use the Plus version for more features.
You can read Winpatrol's FAQ if you run into problems.
Use an alternative Internet Browser
Many of the exploits are directed to users of Internet Explorer. Try using a different browser instead.
Firefox
Opera
K-Meleon
Use an alternative email client
If you are using Outlook Express as your default email client, try using Thunderbird or Pegasus Mail instead.
Here are some more things to read about:
List of clean and infected download managers
Configuring Skype
Greater email safety
Phishing - what is it?
Configuring Outlook Express
The Unofficial Cookie FAQ
Securing your home wireless network
80 Super Security Tips
The different classes of security softwares