Much as I dislike distracting the SDMB with a pesky computer question, I am really at my wits’ end, and I know one of us will know the answer to this.
I work part-time as a personal assistant to an older gentleman who has an HP desktop running Vista SP1. My own PC is homebuilt, runs XP, & I’m the only one who uses it; so I’ve never had occasion to learn much about permissions, group policies, etc. I know almost nothing about how to work Vista. (Everything has been moved!)
Long story short, I’m sure he has been compromised by a botnet. There are many reasons for this, but the main two are:
- The appending of a second username he has never heard of to his own administrative account, with a roaming profile and folders full of shortcuts to programs he does not have, and
- He is locked out of his own “Documents & Settings” folder! (access denied.)
Oh, and did I mention, when I clicked “map network drive”, there were two systems listed – his own, and one called “Rogue 1.”
What I need to know is, how do I restore his PC to his own (autonomous) control? I can’t delete his profile: in addition to being the only one, it has all kinds of documents and program settings and stuff he does not wish to endanger. Also, I suspect that this interloper will interfere with any attempts to take back over. Obviously, I will need to unplug from the net while doing this, but how do I do it?
Here is what his directory tree looks like:
Ronald (“not his actual name”)
Documents and Settings
Ratchet (“not actual username of interloper”)
System Volume Information
The “Ratchet” folder is of course protected. Halp!!