Threat: Win32:VBCrypt-CSL [Trj], under file ntuser.dat.
Threat: JS:Iframe-CPX [Trj] was moved to chest fine.
Avast couldn’t repair, move to chest, or delete VBCrypt though; says the file is being used by another process. Obviously this is a trojan, but I not know how to handle it. Any advice on what to do?
EDIT: Just noticed the other thread about VBCrypt, but I’m unsure of how it pertains to my issue.
I would have thought that scan report meant I was good, but I just returned to my computer after being away for a week (it was off the whole time), and when I logged into Windows my desktop background was gone and many of my desktop icons were gone. A message popped (attached below) up saying I’m on a temporary profile, though it looks like I can still access all of my files. Noticing my browser favorites are also gone, and my Comodo browser points to Yahoo instead of Google when entering search terms in the URL textbox. Running a scan with avast now. I am logged on the administrator account. Anyone know what’s going on?
I have the Event Logs open, but I’m not really sure what I’m looking at/for.
My mistake, didn’t realize it was Malewarebytes THEN more steps. When trying to install OTL, an error message pops up saying “OTL cannot be run from a temporary folder! Please download it to your Desktop or other suitable location.”
I downloaded it to the desktop, same message appears.
EDIT: The idea to try a System Restore just crossed my mind, would that be a good idea?
Scanned the file with Malewarebytes and AVG, both turned up nothing. But clearly something is going wrong with my computer at the moment, as all the little issues listed above are persisting.
It appears that you did a Quick Scan with Malwarebytes rather than a Full Scan…you might want to update the definitions and run a Full Scan.
Before you do, and while you’re waiting for someone to get back to you (?), try running full scans of your system using ESET and then Symantec, at the links mentioned above…