Trojan help

Hey, Ken...

There are five user accounts. My husband's user account seems to be the only one that has had issues. However, the kids all have their own laptops now so I've only been on their accounts in the past two weeks, running scans, etc. They all seem free of issues, as does mine. I have already given them a heads up to please take some time to go through their stuff in case they want to salvage anything. "Reformat" keeps swirling around in my head...lol. I'm enjoying delving into this process but I'm not sure when it's time to give in and let things crash and burn and start with a clean slate. I'm confident that you will let me know if/when we get to that point!
 
Maureen,

Why dont you go into the Control Panel > User Accounts and delete your husbands account, there is an option to save all his documents , they will save to the desktop. You an always go back and have him create a new one when we're done
 
Ken,

I am concerned about pictures and his ITunes stuff as well. Will all of that save on his desktop? I've never deleted an account so I'm not sure what happens - when I create a new user account do the saved items show up then on his desktop? Can I take the "guest" account and make it his? Transfer everything there? lol I'm sure you are shaking your head and rolling your eyes...lol

Also, I thought I'd better let you know that I am also working with someone on Malwarebytes trying to figure out why I can't update the Anti-Malwarebyte program on my husband's account. He wants me to run the HJT program and send him the logs. Is this going to be too confusing? Should I tell him I will get back to him after we are done here?

Thanks.
 
I have never been a fan of user accounts but some people like to create them, makes things a bit confusing to me. Worked on a gals computer a few weeks ago that I work with and between her , her husband, her mom and kids they had 8 user accounts.

I have been asked by some people to remove user accounts and I know there is an option when you remove one that will ask you if you want to save files, when you say yes and delete the account ( lets say the name of the account is Brian, all Brians data will be saved on the desktop in a folder named Brian. To be on the safe side why don't you back all his stuff up to a CD or DVD before you remove his account.

Posting about why Malwarebytes wont update on there forum is fine with me, this program is one of the finest programs to come along in quite awhle.

I would be interested in what they say.

As a side note, if you have Malwarebytes installed on the main user account and you can update and run it it should be updated no matter who uses it.

On you main user account, open Malwarebytes and go to Help > About and it should be version 1.44, if you go to the Update tab it should show update 3662. Then go to your husbands account and check those and see if they match,
 
Hi, Ken.

It has been an interesting afternoon. The helper from Malwarebytes had me run the HJT program and send the logfile. He responded by having me check off some entries and fix, then reboot, rescan and try to connect. I am now able to update in that one user account and, while holding my breath, I was able to connect to IE8. I've asked him to enlighten me as to what happened. Maybe you will be kind enough to take a guess - Did the trojans reconfigure/corrupt settings and files?

I have looked into backing up the iTunes stuff and it is not possible right now - my cd burner is not working. I don't think it is a virus issue as it has been acting up for a long time and I think it is time to replace it. There is a way to "share" everything with another computer but I need to confirm that we are free and clear of any bugs before I open the other computer up to anything.

Anyway, you are absolutely right about updating on any user account and it suffices for all accounts. Now I need to figure out how to scan for all accounts!

For now, I have my work cut out for me. I am reading through all the links you have so kindly provided and will have to figure out which programs to have so as not to have any conflicts. Do you suggest I do anything specifically to confirm that we are clean now?

As for all the user accounts...you are right so I will be busy cleaning and deleting and backing up when I get the new cd burner.

I am feeling pretty good that this computer is okay. Now I will need to take the time to see what's what with the other computer. I'll keep you posted!

Thanks again for all your help and advice!

Maureen
 
Maureen,

You main drive on your computer is C:( as are most unless they installed windows in a different directory ) all your user accounts are installed on C:, as is your antivirus and most apps, when you run Malwarebytes on your main user account, its scanning your C: drive and will remove any infections that may be present. But, it is possible to have a bad program installed on another account in the form of a bad file downloaded for example, but this will also be on your C: drive and when a scan is run and it picks it up it will be removed. Another words what I am trying to point out is that if any of your users is logged into there account and download a malicious program, it infects the entire computer, not just that users account.

Hope I explained this correctly for you

Ken :)
 
Hi, Ken.

Thank you for your explanation. I will have to wait and see if I continue to have different findings on each scan on the other computer.

Just an update. The issues with IE8 on this computer seem to have been settled. We have been on both computers on and off all day without any issues. All scans come back clean. I was pleased with the Anti-Malwarebytes helper and he was appreciative of your praise of their program.

Just to finish up, the stuff you wanted me to do in post#25 never got done. Should I go ahead and get rid of AWF and ComboFix in the way you describe?

As for the other computer, I think I will just wait and see and post again if need be. I will keep my fingers crossed that we are out of the woods. In the meantime, I will be looking into a new cd burner for this computer.

Thanks again for all your time and help! Take care.
Maureen
 
Hi Maureen,

Glad things are getting somewhat back to normal. Bypass the fix for removing programs from my Post 25 as it doesnt seem to work any longer. Not sure why, you can do this.

Now to remove most of the tools that we have used in fixing your machine:
  • Make sure you have an Internet Connection.
  • Download OTC to your desktop and run it
  • A list of tool components used in the cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
  • Click Yes to begin the cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.


Malwarebytes is the free version and yours to keep but if any programs we used after running OTC are still present, just drag them to the trash

Ken :)
 
You must log in or register to reply here.
Back
Top