Normally cleaning up PC's for people I have no issues but I have found my nemesis I think. I have someone who I have cleaned up a PC for a few times now. He has been using Rapidshare, Torrents, visits social sites like Myspace, Facebook, visits some sites that are not so umm social...  this time I made it clear that he should steer clear of all download sites, alternative browsing, etc....
I cleaned up a load of junk on his machine and this time loaded up a paid version of Malwarebytes to get the resident/IP protection options. I also updated the AVAST to the latest v5.0 free home edition. Everything was clean, rootkit checked with a number of tools, good as new.
I get a call next day, machine is infected and has Antivirus Soft infection. Now as I have used Malwarebytes to remove this before from other machines I don't see how it got past the protection in place. Now MBAM is disabled and I am talking him through the manual procedure with RKILL, etc to try and remove it.
He says that he has not been downloading anything, visiting anything but Myspace and other normal sites.
I have found AVAST Home Ed and MBAM to be a reasonable protection mechanism in the past and have never had a machine/user come back like this.
Any suggestions, better protection methodologies, advice in general?
Edited by ChrisMoo, 26 March 2010 - 02:07 PM.