User account profile hijacked?

jbuddah1

Distinguished
Jan 15, 2012
2
0
18,510
Hey all! First time posting so bear with me if I don't provide the best info for you the first time around.

So I was removing some spyware from a computer today and while poking around in Windows Explorer, I saw that all the user account profile folders were named:
%USER%.HEY_BUDDY. There were also duplicate folders which seemed to be named correctly: %USER% in the same directory. After looking in both sets of directories, I found that the HEY_BUDDY directory was the local "good" folder (with all the user's sub folders & files) and the seemingly correctly named folder was almost empty... actually it looked like a brand new Windows account folder (with My Docs, My Pic, Favs, etc. in it).

So, I re-named one of the %USER% folders to %USER%.bak and renamed the %USER%.HEY_BUDDY to just plain ol' %USER%. I logged into that Windows account and found that the system had created yet another profile folder, again named %USER%.HEY_BUDDY. This new folder was a default folder with just the minimal folders within it (My Docs, My Pic, Favs, etc.) and the other two folders I renamed kept their new names and all their sub folders and files.

So, if you are not completely lost by my explanation, can anyone tell me what is going on and how to solve it? I'd like to be able to keep the user account folders that contain all the user's documents and delete the other "fake" folders so I'm not sure re-installing Windows will work here.

Any help is greatly appreciated.

Windows XP SP 3
AVG 2008 AV

AV scan found nothing and Malwarebytes scan found a few spyware files but removing them did nothing to help me. HijackThis entries also seemed normal.
 

Best advice I can give: Save your personal files, format & reinstall.
HijackThis is an out-of-date app. There are better detectors out there.
Once infected, you can never be sure you removed it completely!
 

jbuddah1

Thanks for the advice. I was trying to avoid that because there are 4 users on that machine and backup/restore is definitely not flawless....

You say Hijackthis is out-of-date? What other tool(s) do you recommend?

I currently use the following for various virus removal/pc cleanup:

Malwarebytes
Spybot S & D
Hijackthis
SmitfraudFix
Rootkit Revealer
CCleaner
Wise Registry Cleaner
Wise Disk Cleaner