Hello,
I am discovering several infected files during a 'scan of all local drives' as I am restarting my computer. I am afraid that I have allowed my boys a bit too much latitude in downloading some game stuff lately. Although I am typically involved, I am sensing they may be doing a bit more freelancing than I thought. Yep, my responsibility. Anywho, I am moving each flagged file to the chest as the scan is rolling and have several files so far (still scanning). I am asking what action I should take if/when the system finally loads? I am reading the general posts regarding running cleaning malware programs so I hope to better equipped to catch up, but am wondering who might help me try to resolve these issues. Thanks in advance.
- old dog trying to keep up...
Hi Mizare31,
Seems it is time to move other users than yourself off any administrative account you may use. Change your admin password (write it down!) and then allocate one account to each of the other users but only as limited standard accounts. Why limited? Well, one cannot install a game or such unless they have the admin password, and you've changed it, so no new games can be installed without you knowing about it. Think of it as a way of protecting yourself from harm. (This should be done after cleansing your system.)
Don't give users full system-wide rights to modify the entire system when they don't know yet what they are doing.
Can you get into Safe Mode?
To cleanse your system:
http://forum.avast.com/index.php?topic=53253.0Run these four programs:
- AdwCleaner
- Malwarebytes
- OTL
- aswMBR.exe
Attach all four logs in your next reply. Logs are for diagnostic purposes only. Quarantine and remove, and attach resulting logs, only, with AdwCleaner and Malwarebytes. Attach logs only, for OTL and aswMBR.exe.
If not able to boot into normal or Safe Mode, let us know. If unable, a malware expert will be contacted. Otherwise, a certified malware expert removal expert will be contacted after you attach your logs and then he will come in to help you. He needs your logs to begin this process.