Thanks, Mike. A little later than "soon". All errands completed before much snow accumulation but it has been coming down steadily since 9AM this morning. Trying to keep the path out the back for the dogs open. Funny, the news reports keep showing the Boston, MA area and from what I see, it is a lot worse here.
Hi, Susan. Welcome to LandzDown Forum.
We will do our best to assist you. However, in order to do so, please follow all instructions provided in the sequence given. Do not install/re-install any programs or run any fixes or scanners that you have not been instructed to use. This may cause conflicts with the tools being used in the cleanup process.
If you have questions regarding any of the instructions or problems running any tools, please let us know.
Thank you for the link to your thread at GW. Ravencajun (R-C here) gave me a heads up.
I am pleased to see that you have changed your email password to a stronger one and are not using it at another site. My suggestion: as you visit other sites where you used the same password, be sure to change the password. Make the password at each place you have an account unique in some way, even if it is a minor adjustment to a base password. For banking, credit card or any sites where you make purchases or online bill payments, make those passwords completely unique and strong.
It is likely that MBAM took care of the malware, with SAS picking up tracking cookies. Whatever SAS found in System Restore would have only been harmful if you restored to an infected restore point.
So, let's take care of the outdated, vulnerable software first and then we'll do some cleanup with ComboFix.
1. Adobe Reader
I note that you have both an outdated, vulnerable version of Adobe Reader as well as Foxit installed. Although it is your choice to have both, there really is no need. If you need to keep Adobe Reader, please install the latest update from http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
Be careful to uncheck the unneeded McAfee scan as well as any unneeded add-ons that may be offered with the update.
2. Adobe Flash Player
A critical security update was released for Adobe Flash Player yesterday. Please update both versions from the direct links below:
Non-IE (Opera, Firefox, Etc.): http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_plugin.exe
Flash Player For Internet Explorer 7, 8 & 9: http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_11_active_x.exe
3. Java
Java seems to be a malware magnet. Please consider whether you really need it installed on your computer. Either uninstall it or update Java to the latest version, Java Version 7 Update 13. Be sure to UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional. See Java, The Never-Ending Saga for instructions on disabling Java via the Java Control Panel and only enable it when it is needed.
4. Please follow these instructions carefully.
Download ComboFix from here.
!!! IMPORTANT !!! Save ComboFix.exe to your Desktop.
Disable your antivirus and anti-malware security applications. If not disabled, these programs will likely interfere with the cleanup process. This can usually be accomplished by a right-click on the icon in the System Tray.
Note: If you are unsure how to disable your security software, see the instructions in this topic at Tech Support Forum: How to disable your security applications
Now, please run ComboFix:
- Note: If infections are found, ComboFix will automatically reboot the machine to complete the removal process. Please ensure all opened windows are closed before proceeding.
- Double-click ComboFix.exe on your desktop and follow the prompts.
- As part of the process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it is strongly recommended to have this pre-installed on your machine before doing any malware removal. The Recovery Console will allow you to start up the computer in a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Please note: If the Microsoft Windows Recovery Console is already installed on the computer, ComboFix will continue the malware removal procedures.
- Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console.
- When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
- After the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
- Click "Yes" to continue scanning for malware.
- When finished, a log will be produced. Please include the C:\ComboFix.txt in your next reply.