malware removal

gamblingman

gamblingman

VIP Member
I had an issue the other day on a family members computer. They have xp and also have about six profiles because everyone wants their "own profile". Its a mess.

I started cleaning their computer in safe mode with all the normal methods. But I ran into a problem, once I went back into each profile... each one still came up with malware present. No matter what I did I couldn't seem to kill the last bits of some adware. It wasn't anything too bad, just some adware. But whether I removed it from safe mode or through each profile the exact same malware just kept appearing on every scan in each profile.

What am I missing here? I'm not still around the machine, but its driving me nuts trying to understand this problem.
 
What was the name of the adware? Having that many users really complicates things and would recommend scanning each account separately. Did you run combofix on it? If so, post the logfile from it so we can take a look.
 
I don't have the name of the infection, wish I did. Yeah, I tried going through each profile, but each time it would just come back in the one I had just completed.

Didn't have the time to run combofix. It was already 10pm then, and I had another 3 hours driving to get home.

So Johnb35, any thoughts on how to deal with an infection on multiple profiles?
 
The only thing I can tell you for now, is just scan each account with Malwarebytes and run combofix and post the log from it along with hijackthis from each account.
 
johnb35 said:
...from each account.
Click to expand...

I was pretty sure that is what this required. Just wondering if there was ANY OTHER WAY to do this. It is going to take forever to go through all of 'em. I should just take the time to consolidate all the profiles. Then this multiple profile infection garbage won't come up again. Thanks for the confirmation of the long job I knew I would have ahead of me! ha ha
 
What you need to do is go back to safe mode and scan the entire profile with MAlwarebytes and Superantyspyware (please update them before scanning).
Also please, please make sure you disable SYSTEM RESTORE. Viruses tend to hide there alot. My guess is thats how you keep getting the virus.
First disable SYSTEM RESTORE then scan in SAFE MODE>
 
You must log in or register to reply here.
Back
Top