My friend lives several thousand miles away. He got a virus that has taken over his email and is sending out spam. He runs Win7 Premium 64 Bit on an Acer Aspire M3400 desktop computer. We think he got the virus by opening an email and clicking on a link. When I originally set up his computer (via Logmein), I set up two ids, one administrative and the other standard. This is supposed to be more secure. He got the virus on the standard id. I set up Thunderbird email for him and I can see the hundreds of emails that have been sent. He has Avast Internet Security and Malwarebytes Anti-Malware Pro.
When he told me about this two days ago I got onto the Administrative id and ran an Avast scan. It found nothing. I ran a Malwarebytes scan. That found a lot of stuff that I cleaned out. I also ran Trend-Micros housecall and Kaspersky TDSSKiller. They found nothing. Today his ISP called and said his computer was still sending out hundreds of emails.
Even if he did click on a bad link, why didn't Avast Internet Security and Malwarebytes protect him? Why didn’t I find anything when I ran all those scans? Do I have to run them from the same id that got the virus? What can I do to find and eliminate the virus?