Computer keeps getting infected, why?

strep3241

There is something going on here. My dad's computer keeps getting infected over and over. He was running Windows XP so I thought maybe there was a problem with XP. So just recently I built him a new computer with Windows 7 32bit and he just got infected again with the Windows Restore virus. He does not do any illegal downloading of any kind.

This is what I don't understand. My computer is connected to the same router and I never have a bit of trouble with viruses. We both use MSE for the antivirus. The only thing I have different is I have the paid version of MBAM. I run Windows 7 64bit if that makes a difference.

Why does he keep getting infected? The Windows firewall is turned on. MSE is always on. Could there be a setting in the router that is causing problems? If so, why doesn't it affect my computer? The router is a Linksys WRT54GS.

Most of the time, I can get rid of the virus without too much trouble.
 

Chiefcrowe

Not sure why, but you should set him up with a limited user account also to try to limit this.
 

nboy22

It's not doing it by itself... He is visiting websites that have that stupid box that pops up and acts like a real antivirus. (yes a lot of these websites are porn websites) He probably gets scared and continues on with it, and it follows through and installs the windows restore virus crap.
 

strep3241

Because that would make sense and stop the problem.

What would make sense?

It's not doing it by itself... He is visiting websites that have that stupid box that pops up and acts like a real antivirus. (yes a lot of these websites are porn websites) He probably gets scared and continues on with it, and it follows through and installs the windows restore virus crap.

I am not saying he doesn't visit porn sites but he would not install anything like that without knowing what it is. He knows better than that.

I am going to have him buy MBAM since I have been using it along with MSE and not one problem. He also uses MSE.
 

MagnusTheBrewer

As others have said, he either visits sketchy sites or, perhaps you are only eliminating the trojan and not the malware it invites.
 

Scouzer

MSE is fairly weak as far as the free AV's go, so I'd change that to start. Avast is probably the best freebie.

I agree with the others, the pron is getting him infected. A password protected limited account will prevent almost everything. The password should be only one you know so he can't install anything really. UAC will block most apps from installing or changing any system files. This will keep infections minimal.

Secondly put his web browser in Sandboxie and that'll be a pretty resilient solution.

How would this keep him from getting infected?
 

strep3241

MSE is fairly weak as far as the free AV's go, so I'd change that to start. Avast is probably the best freebie.

I agree with the others, the pron is getting him infected. A password protected limited account will prevent almost everything. The password should be only one you know so he can't install anything really. UAC will block most apps from installing or changing any system files. This will keep infections minimal.

Secondly put his web browser in Sandboxie and that'll be a pretty resilient solution.

I don't believe MSE is the problem. I am using MSE and I have not had any problems for at least a few years.

Are you saying make it where he has to enter a password to log on? Or do you mean when something comes up wanting him to install a program, he would need a password to install that program? How do you go about doing that? Honestly, he would not install anything unless he knows what it is or asks me first. I don't believe it is porn causing it either.

Would him having 32bit Windows and me having 64bit Windows make a difference? Is 64bit Windows more secure?
 

Scouzer

I don't believe MSE is the problem. I am using MSE and I have not had any problems for at least a few years.

Are you saying make it where he has to enter a password to log on? Or do you mean when something comes up wanting him to install a program, he would need a password to install that program? How do you go about doing that? Honestly, he would not install anything unless he knows what it is or asks me first. I don't believe it is porn causing it either.

Would him having 32bit Windows and me having 64bit Windows make a difference? Is 64bit Windows more secure?

No, you'd set up Windows to have two accounts. One Admin account which you'd have the password to, and his account which would be a Limited User. For him to install anything, you'd have to enter the Admin's password.

It's a breeze on Windows 7, a quick Google search will get you started.

32 v 64 bit has minor security differences I wouldn't concern oneself with. Sandboxie + Limited User + Good AV is pretty bulletproof.
 

Texashiker

Switch to Firefox, install Avast anti-virus, make sure the operating system is up-to-date on security patches, scan with ComboFix and Malwarebytes.

If the computer keeps getting infected, something is exploiting a weakness in security - whether that weakness is browser based, Java based, ActiveX based, operating system based... only you can figure that out.

One guy I know, he refused to update the operating system. He thought Microsoft was going to install stuff to spy on him. Once he got his computer, the first thing he did was he turned off Microsoft automatic updates. Instead of an anti-virus he ran ZoneAlarm firewall. Then the guy complained that his computer kept getting malware. By the time I talked him into turning on Windows updates, his computer was 3 or 4 years behind on updates.
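
The limited-account, UAC and automatic-update advice in the posts above can be checked on the machine itself. The PowerShell script below is an added example, not part of the original thread; it assumes an English-language Windows install (local group named "Administrators"), and the function names are made up for this illustration.

```powershell
# Added example (not from the thread): report the settings the posters recommend.
# Assumption: English-language Windows, where the local admin group is named
# "Administrators". Pass -UserName to check an account other than your own.
param([string]$UserName = $env:USERNAME)

function Get-LocalAdminNames {
    # Enumerate members of the local Administrators group through ADSI.
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/Administrators,group"
    @($group.Invoke('Members')) | ForEach-Object {
        $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
    }
}

function Test-UacEnabled {
    # EnableLUA = 1 means User Account Control is switched on.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $value = (Get-ItemProperty -Path $key -Name EnableLUA -ErrorAction SilentlyContinue).EnableLUA
    return ($value -eq 1)
}

function Get-AutoUpdateLevel {
    # Windows Update Agent COM API: 1 = disabled, 4 = install automatically.
    $au = New-Object -ComObject Microsoft.Update.AutoUpdate
    return [int]$au.Settings.NotificationLevel
}

$isAdmin = (Get-LocalAdminNames) -contains $UserName
$uacOn   = Test-UacEnabled
$auLevel = Get-AutoUpdateLevel

$findings = @()
if ($isAdmin)       { $findings += "$UserName is in Administrators; make it a standard user." }
if (-not $uacOn)    { $findings += 'UAC is disabled (EnableLUA is not 1).' }
if ($auLevel -ne 4) { $findings += "Updates are not set to install automatically (level $auLevel)." }

if ($findings.Count -eq 0) {
    "OK: $UserName is a standard user, UAC is on, updates install automatically."
} else {
    $findings
}
```

Run it from the account being checked; each line of output is one setting that still differs from what the thread recommends.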
 

Lemon law

It's remote but possible; the question is, does your daddy have a program he installs, burned to CD, that is not on your computer? If so, that CD could be installing a virus and a back door along with whatever else legitimate it installs. And as soon as you clean out all the malware, the back door re-opens and it all comes back.

Other than that, I would say it's time for a much better firewall with log files, very good process control, and a limited account.
 

Chiefcrowe

Wow, that is a crazy story! I wonder how many updates he had to install?

If possible I would also run the browser in a sandbox and also run Secunia PSI to find any other programs that are possibly out of date.

Switch to Firefox, install Avast anti-virus, make sure the operating system is up-to-date on security patches, scan with ComboFix and Malwarebytes.

If the computer keeps getting infected, something is exploiting a weakness in security - whether that weakness is browser based, Java based, ActiveX based, operating system based... only you can figure that out.

One guy I know, he refused to update the operating system. He thought Microsoft was going to install stuff to spy on him. Once he got his computer, the first thing he did was he turned off Microsoft automatic updates. Instead of an anti-virus he ran ZoneAlarm firewall. Then the guy complained that his computer kept getting malware. By the time I talked him into turning on Windows updates, his computer was 3 or 4 years behind on updates.
 

Texashiker

Wow, that is a crazy story! I wonder how many updates he had to install?

At least a service pack. He did not want to install XP service pack 2 until 2 or 3 years after it came out. And then the same thing with XP service pack 3. I finally got him to let Windows automatic updates do its job, and got him to use Firefox.

A couple of months ago he got a new Dell with Windows 7, I made sure automatic updates was enabled on the new machine.

The smallest things can have a big impact on security, like an anti-virus, automatic security updates, keep your browser updated... stuff that takes just a couple of minutes can pay off in the long run.
 

strep3241

Thanks for the suggestions. I have always heard good things about MSE so I figured I would give it a try. I have been using it for a while and no problems.

I think we figured out what the problem was. He uses a program called PCDART. And it seems every time he gets infected, he just used that program. It is a program used to keep track of cow information and he has to send data to the company once in a while and maybe that is when it is happening. We both never cared for PCDART but really that is the only option.
 

Binky

Spend the $25 on a full copy of Malwarebytes. Use it with MSE. Do full scans with both.
 

LiuKangBakinPie

Sounds like Conficker or a network worm. Conficker were not finished with it yet. It can sit in hiding in a network receiving new updates. Believe me, the world has not seen the end of it. It's still sitting in wait on several networks.
First thing you do: disconnect his PC from the network.
Download Dr.Web CureIt:
www.freedrweb.com/cureit/?lng=en
Put it on a disk, then scan his whole PC. Scan his flash drives, everything, with a cold boot.
Then go to foundstone.com and download the Conficker detection tool. Connect all the PCs to the network and run it. Also remember to scan your PC with a cold boot as well.