Running the scans from a certain account usually doesn't matter (although for some scans it does, so using the involved account is preferred), but the cleaning out of the temp files needs to be done in the involved account (and preferably all accounts).
After you are clean you should probably reconsider having your son's account maintaining administrator privileges unless you implicitly trust him determining what is OK or not to install on your computer. As a matter of fact, some security experts recommend that if possible, anyone surfing the net do so from a 'limited' account as that level of account will not allow some malware programs to install due to not having permission to do so (more on this later..I will give you references that address this issue).
Let's do the following temp file cleaning instructions in ALL involved accounts on your computer, and do them in safe mode
Clean Temporary Files
Click OK to remove them.
- Go to Start Â» Run Â» type: cleanmgr Â» OK.
- Choose (C: ) and then click OK.
- Make sure these are the only ones that are checked :
- Temporary Internet Files
- Temporary Files
- Recycle Bin
Click Yes to confirm the deletion.
Then, run Ewido again, still in safe mode as we did previously.
After running Ewido, reboot normally into Windows and see if you are still having the problem with BitDefender finding the infected .tmp files. If you are still having this problem, run the Blacklight
scan I asked for earlier.