Parents ran/opened a trojan : r/antivirus

Parents ran/opened a trojan

My parents received an email on their work computer with an attachment called:

"order.xlsx.cab"

They proceeded to download and open said file. They couldn't successfully open the file.

They proceeded to log into online banking and email.

Eventually they realised they had made a mistake and called me (I don't live at home).

Their banking has 2FA. I instructed them to change the banking password and email password from a different computer.

They had Malwarebytes installed so I told them to scan the file. It was identified as a trojan.

I instructed them to restart the computer into safe mode, delete temporary files and run Malwarebytes again with the rootkit option enabled as described here: https://www.pcworld.com/article/243818/how-to-remove-malware-from-your-windows-pc.html

Nothing was found.

I vetted their browser extensions and they didn't have anything suspicious installed.

Is there anything else they should do?


Seems good. Run a scan with HitmanPro to see if there is anything else. If there is something, you can sign up for their free trial to remove it. (No card required.) I also suggest that your parents get Kaspersky Security Cloud - Free because Kaspersky is the best AV at the moment and it has real-time protection included. And the 30-day trial for premium requires no credit card. You keep your RTP even after the trial, unlike Malwarebytes.


Here are some AV scanners, take your pick:

- Kaspersky Virus Removal Tool
- Kaspersky TDSSKiller
- Emsisoft Emergency Kit
- ESET Online Scanner
- Norton Power Eraser
- Comodo Cleaning Essentials
- Avira PC Cleaner
- HitmanPro
- Zemana AntiMalware
- Malwarebytes
- AdwCleaner
- RogueKiller (and then click Portable 64 bits)

Most of those links are direct to the .exe or .zip, so feel free to google for them instead if you don't want to trust the random guy on the web (promise I won't be offended).

All of them are free, although some may have 'premium trials' that you can just decline or deactivate. Most (not Zemana and Malwarebytes) are portable, so there's nothing to install, you just run the scan and delete it after if you want.

I'd recommend they run the first 5 and RogueKiller. After, run HitmanPro, and if it comes back clean (tracking cookies can be ignored) then they're likely all good.

Kaspersky Security Cloud Free is probably the best free AV at the moment, but if your parents would prefer something simpler, Bitdefender Free is a good option. If you think you'd need to help them remotely in the future though, have a look at Sophos Home Free.


Can you provide the detection logs from Malwarebytes? Without any information about the infection, it is just guesswork whether the system is safe.

Right call on changing the bank and email credentials.
