A subscriber wrote this week that he needed some guidance:
Terry, I really need your wisdom.
My computer started showing abc as administrator and I know nothing how this came up.
Ad-aware SE Professional and Norton cannot catch it. Ad-aware shows two programs blocked: abc@doubleclickcom and abc@atdmt.com
If you could recommend something or tell me what you think I would appreciate it.
It won’t cut off often and when I push button it seems not to want to cut off, but will after a few moments.
Thanks!
leon
I wrote back to Leon to tell him that, if he has a new “Administrator” showing up in Windows, he have a problem. However, the two items blocked appear to be cookies for the user “abc”.
In themselves, cookies are not bad. Doubleclick.com is owned by Google, and used to track some of their Google Adwords/Adsense ads. The other cookie is for the atdmt.com domain, which is owned by Microsoft Corporation.
The problem is the user abc — If you’re sure you haven’t created this user and wife and children haven’t created the ID, I suggest a trip to the local computer shop.
However, from what you’ve said, it sounds to me like you’ve gotten a remote control trojan that has allowed someone to access and set up an
account on your machine. I can’t give you the instructions on how to
resolve that. You need someone knowledgeable with their hands on
your computer.
Be sure to back up your data before taking it to the shop. Depending
on the method of attack, this could even get to reinstalling
Windows. Just removing the “abc” administrator’s UserID in Windows
isn’t enough — whatever originally allowed them access is probably
still there.
Leon sent back:
Thanks Terry. I will do that.
and