TechSpot

Multiple accounts infected

By PFJ
Jan 22, 2009
  1. Using the guidance on this forum I have always been able to clean infections from my friends PCs. But this PC, Dell C521, has multiple family accounts. I do all the scanned with an Admin account I set up but as Ad-aware scans it generates AVG pop-ups stating a myriad of virus/trojans but nothing shows up during the scans nor are they logged!

    Will I have to get all the passwords from each of the family members to scan each account and get rid of the infections?

    I've attached HJT log for inspection.

    Thanks in advance...

    PFJ
     
  2. mflynn

    mflynn TS Rookie Posts: 2,655

    Hi PFJ

    It may be necessary to log to the other accounts but for now use only your account which should be administrator level.

    Stay in Safe Mode networking for all the following! On any reboot go back to Safe Mode networking until the end of this post.

    Run HJT Scan only select and remove all the below.
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

    O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\Program Files\McAfee\VirusScan\Mcshield.exe (file missing)
    O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\Program Files\McAfee\VirusScan\mcsysmon.exe (file missing)

    Click here: Do the TechSpot 8 steps

    Post all Logs including a new HJT log last.

    Mike
     
  3. PFJ

    PFJ TS Enthusiast Topic Starter Posts: 112

    Thanks mflynn,

    I should have mentioned OS VISTA SP1. The Dad gave me all the passwords. Nothing was solved in safe mode during scans but when I scanned with access AVG found a trojan.

    Is mise le meas

    PFJ
     
  4. mflynn

    mflynn TS Rookie Posts: 2,655

    I don't understand!
    All I want is the 8 Step logs as requested from my last post!

    Mike
     
  5. PFJ

    PFJ TS Enthusiast Topic Starter Posts: 112

    Malwarebytes and SuperAntiSptware HEFV seemed to do a better job under the temp Admin account. So here are the logs; cant seem to get ride of:
    O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\Program Files\McAfee\VirusScan\Mcshield.exe (file missing)
    O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\Program Files\McAfee\VirusScan\mcsysmon.exe (file missing)

    Thanks mflynn
    (Is mise le meas (Gaelic) : I am your with respect)

    Regards

    PFJ
     
  6. mflynn

    mflynn TS Rookie Posts: 2,655

    Yeah! You were eat up with infestation.

    You did good. Remember to stay in Safe mode networking!

    OK just one run of MBAM and SAS may not do it!

    Run MBAM again UPDATE IT EVERY TIME you run it. We are looking for a clean log! Post me each log.

    Same for SAS UPDATE this time select the Tracking cookies and remove them. We are looking for a clean log.

    Stay with the Temp account for now.

    Mike
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...