Multiple accounts infected

Status
Not open for further replies.

PFJ

Posts: 108   +0
Using the guidance on this forum I have always been able to clean infections from my friends PCs. But this PC, Dell C521, has multiple family accounts. I do all the scanned with an Admin account I set up but as Ad-aware scans it generates AVG pop-ups stating a myriad of virus/trojans but nothing shows up during the scans nor are they logged!

Will I have to get all the passwords from each of the family members to scan each account and get rid of the infections?

I've attached HJT log for inspection.

Thanks in advance...

PFJ
 
Hi PFJ

It may be necessary to log to the other accounts but for now use only your account which should be administrator level.

Stay in Safe Mode networking for all the following! On any reboot go back to Safe Mode networking until the end of this post.

Run HJT Scan only select and remove all the below.
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\Program Files\McAfee\VirusScan\Mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\Program Files\McAfee\VirusScan\mcsysmon.exe (file missing)

Click here: Do the TechSpot 8 steps

Post all Logs including a new HJT log last.

Mike
 
Thanks mflynn,

I should have mentioned OS VISTA SP1. The Dad gave me all the passwords. Nothing was solved in safe mode during scans but when I scanned with access AVG found a trojan.

Is mise le meas

PFJ
 
Malwarebytes and SuperAntiSptware HEFV seemed to do a better job under the temp Admin account. So here are the logs; cant seem to get ride of:
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\Program Files\McAfee\VirusScan\Mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\Program Files\McAfee\VirusScan\mcsysmon.exe (file missing)

Thanks mflynn
(Is mise le meas (Gaelic) : I am your with respect)

Regards

PFJ
 
Yeah! You were eat up with infestation.

You did good. Remember to stay in Safe mode networking!

OK just one run of MBAM and SAS may not do it!

Run MBAM again UPDATE IT EVERY TIME you run it. We are looking for a clean log! Post me each log.

Same for SAS UPDATE this time select the Tracking cookies and remove them. We are looking for a clean log.

Stay with the Temp account for now.

Mike
 
Status
Not open for further replies.
Back