Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AVAST Home Ed v5 & Malwarebytes full version - still infected - advice


  • Please log in to reply
3 replies to this topic

#1 ChrisMoo

ChrisMoo

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 26 March 2010 - 02:06 PM

Hi folks,

Normally cleaning up PC's for people I have no issues but I have found my nemesis I think. I have someone who I have cleaned up a PC for a few times now. He has been using Rapidshare, Torrents, visits social sites like Myspace, Facebook, visits some sites that are not so umm social... [edit] this time I made it clear that he should steer clear of all download sites, alternative browsing, etc....

I cleaned up a load of junk on his machine and this time loaded up a paid version of Malwarebytes to get the resident/IP protection options. I also updated the AVAST to the latest v5.0 free home edition. Everything was clean, rootkit checked with a number of tools, good as new.

I get a call next day, machine is infected and has Antivirus Soft infection. Now as I have used Malwarebytes to remove this before from other machines I don't see how it got past the protection in place. Now MBAM is disabled and I am talking him through the manual procedure with RKILL, etc to try and remove it.

He says that he has not been downloading anything, visiting anything but Myspace and other normal sites.

I have found AVAST Home Ed and MBAM to be a reasonable protection mechanism in the past and have never had a machine/user come back like this.

Any suggestions, better protection methodologies, advice in general?

Much appreciated,

Chris

Edited by ChrisMoo, 26 March 2010 - 02:07 PM.


BC AdBot (Login to Remove)

 


#2 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:09:13 AM

Posted 26 March 2010 - 07:11 PM

Is he using an Admin account ? Create a restricted account for his online use or all time use. That way infections will not be able to install themselves as restricted accounts do not have permission to copy/delete/create files in system areas or important registry places.

#3 ChrisMoo

ChrisMoo
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 27 March 2010 - 08:32 PM

I had thought his account was a dumbed down one but will double check.

Many thanks

#4 BuzzCola

BuzzCola

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:13 AM

Posted 10 May 2010 - 05:44 PM

Malwarebytes Full Version detects almost everything if you are using up to date virus libary, have you updated it recently?
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users