Now I have the first checked. Should I check any others? All of them?
Yep, have them all checked.
I've recommended a firewall further down the post.
You're now clean of malware, but before I remove all the tools and logs, I'd like you to have a look for a ComboFix log from when you first ran it. Can you please look in this folder C:\QooBox\LastRun\ for any ComboFix logs and post the oldest before you follow the cleaning steps.
No worries if you can't find it or it's not there. I would just have liked to know where the main rootkit was hiding.
Your PC is now clean
First we'll remove the tools that we've used then look at preventing getting infected again. It's important to remove the tools as it also removes the malware that we currently have quarantined.
Please do the following:
Reset SR Points/Clean up with OTL:
The above process will flush old System Restore Points and create a new clean one.
Please delete aswMBR, MBRcheck and any remaining logs from your desktop.
Follow these steps to uninstall Combofix
- Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
- Now copy/paste this: ComboFix /Uninstall in the Run box and click OK. Note the space between the X and the /Uninstall, it needs to be there.
- Please follow the prompts to uninstall Combofix.
- This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again.
- You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.
A few tips to prevent reinfection
A firewall is essential to stop hackers infiltrating your computer. The following firewalls are free for personal use. Do not install more than one firewall.
is an excellent free basic firewall which is very easy to use.
is a more advanced firewall which includes a Host Intrusion Protection System (HIPS).
is a combined firewall and anti virus.
I personally use the built-in Windows Firewall but the choice is yours.
It is essential that you regularly check and install the latest Windows Updates. Vulnerabilities within Windows can leave your computer open to infection. Regular updates are released to fix these security vulnerabilities. I recommend that you set Windows to check, download and install your updates automatically.
Select Control Panel
Click on Automatic (recommended)
Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
Click Apply then OK.
Older versions of Java have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Java components and upgrade the application.
- Go to here and click Do I have Java
- It will check your current version and then offer to update to the latest version
You should ensure you use the latest Adobe Acrobat Reader and install any security updates that are released. Older versions are susceptible to attack. You can download the latest reader and updates from here.
To learn more about how to protect yourself while on the internet you might like to read this GeeksToGo article. This covers some of the safety measures that I've included and also some more.
Happy surfing and stay safe