Much as I dislike distracting the SDMB with a pesky computer question, I am really at my wits’ end, and I know one of us will know the answer to this.
I work part-time as a personal assistant to an older gentleman who has an HP desktop running Vista SP1. My own PC is homebuilt, runs XP, & I’m the only one who uses it; so I’ve never had occasion to learn much about permissions, group policies, etc. I know almost nothing about how to work Vista. (Everything has been moved!)
Long story short, I’m sure he has been compromised by a botnet. There are many reasons for this, but the main two are:
- The appending of a second username he has never heard of to his own administrative account, with a roaming profile and folders full of shortcuts to programs he does not have, and
- He is locked out of his own “Documents & Settings” folder! (access denied.)
Oh, and did I mention, when I clicked “map network drive”, there were two systems listed – his own, and one called “Rogue 1.”
What I need to know is, how do I restore his PC to his own (autonomous) control? I can’t delete his profile: in addition to being the only one, it has all kinds of documents and program settings and stuff he does not wish to endanger. Also, I suspect that this interloper will interfere with any attempts to take back over. Obviously, I will need to unplug from the net while doing this, but how do I do it?
Here is what his directory tree looks like:
Desktop
Ronald (“not his actual name”)
Public
Computer
AVG8.vault
Documents and Settings
Programs
Ratchet (“not actual username of interloper”)
System Volume Information
Users
Windows
The “Ratchet” folder is of course protected. Halp!!