
Computer keeps getting infected, why?

strep3241

Senior member
There is something going on here. My dad's computer keeps getting infected over and over. He was running Windows XP so I thought maybe there was a problem with XP. So just recently I built him a new computer with Windows 7 32bit and he just got infected again with the Windows Restore virus. He does not do any illegal downloading of any kind.

This is what I don't understand. My computer is connected to the same router and I never have a bit of trouble with viruses. We both use MSE for the antivirus. The only thing I have different is I have the paid version of MBAM. I run Windows 7 64bit if that makes a difference.

Why does he keep getting infected? The Windows firewall is turned on. MSE is always on. Could there be a setting in the router that is causing problems? If so, why doesn't it affect my computer? The router is a Linksys WRT54GS.

Most of the time, I can get rid of the virus without too much trouble.
 
It's not doing it by itself... He is visiting websites that have that stupid box that pops up and acts like a real antivirus. (yes a lot of these websites are porn websites) He probably gets scared and continues on with it, and it follows through and installs the windows restore virus crap.
 
Because that would make sense and stop the problem.

What would make sense?


I am not saying he doesn't visit porn sites but he would not install anything like that without knowing what it is. He knows better than that.

I am going to have him buy MBAM since I have been using it along with MSE and not one problem. He also uses MSE.
 
As others have said, he either visits sketchy sites or, perhaps you are only eliminating the trojan and not the malware it invites.
 
MSE is fairly weak as far as the free AV's go, so I'd change that to start. Avast is probably the best freebie.

I agree with the others, the pron is getting him infected. A password protected limited account will prevent almost everything. The password should be only one you know so he can't install anything really. UAC will block most apps from installing or changing any system files. This will keep infections minimal.

Secondly put his web browser in Sandboxie and that'll be a pretty resilient solution.

How would this keep him from getting infected?
 

I don't believe MSE is the problem. I am using MSE and I have not had any problems for at least a few years.

Are you saying make it where he has to enter a password to log on? Or do you mean when something comes up wanting him to install a program, he would need a password to install that program? How do you go about doing that? Honestly, he would not install anything unless he knows what it is or asks me first. I don't believe it is porn causing it either.

Would him having 32bit Windows and me having 64bit Windows make a difference? Is 64bit Windows more secure?
 

No, you'd set up Windows to have two accounts. One Admin account which you'd have the password to, and his account which would be a Limited User. For him to install anything, you'd have to enter the Admin's password.

It's a breeze on Windows 7, a quick Google search will get you started.

32 v 64 bit has minor security differences I wouldn't concern oneself with. Sandboxie + Limited User + Good AV is pretty bulletproof.
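
The two-account setup described in the post above, as an added example (not posted by anyone in this thread). It assumes an English-language Windows 7 install, an elevated PowerShell prompt, and the placeholder account names `dad` and `maint`.

```powershell
# Added example: move a daily-use account out of Administrators on Windows 7.
# $DailyUser and $AdminUser are placeholder names, not taken from the thread.
$DailyUser = 'dad'
$AdminUser = 'maint'

# List members of the local Administrators group through ADSI
# (works on PowerShell 2.0; the group name is localized on non-English Windows).
function Get-LocalAdminNames {
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/Administrators,group"
    @($group.psbase.Invoke('Members')) | ForEach-Object {
        $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
    }
}

$admins = @(Get-LocalAdminNames)

# Create the separate administrator first. If the daily account were demoted
# while it is the only administrator, nobody could approve UAC prompts later.
if ($admins -notcontains $AdminUser) {
    net user $AdminUser * /add                    # '*' prompts for the password
    net localgroup Administrators $AdminUser /add
    if ($LASTEXITCODE -ne 0) {
        throw "Could not set up $AdminUser as administrator; leaving $DailyUser unchanged."
    }
}

# Demote the daily account to a standard (limited) user.
if ($admins -contains $DailyUser) {
    net localgroup Users $DailyUser /add          # reports an error if already a member; harmless
    net localgroup Administrators $DailyUser /delete
}

# Verify: the daily account should no longer appear in this list.
Get-LocalAdminNames
```

After this, any installer or system change started from the daily account raises a UAC prompt asking for the `maint` password.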
 
Switch to Firefox, install Avast anti-virus, make sure the operating system is up-to-date on security patches, scan with ComboFix and Malwarebytes.

If the computer keeps getting infected, something is exploiting a weakness in security - whether that weakness is browser based, Java based, ActiveX based, operating system based... only you can figure that out.

One guy I know, he refused to update the operating system. He thought Microsoft was going to install stuff to spy on him. Once he got his computer, the first thing he did was he turned off Microsoft automatic updates. Instead of an anti-virus he ran ZoneAlarm firewall. Then the guy complained that his computer kept getting malware. By the time I talked him into turning on Windows updates, his computer was 3 or 4 years behind on updates.
 
It's remote but possible; the question is, does your daddy have a program he installs burned to CD that is not on your computer? If so, that CD could be installing a virus and a back door along with whatever else legitimate it installs. And as soon as you clean out all the malware, the back door re-opens and it all comes back.

Other than that, I would say it's time for a much better firewall with log files, very good process control, and a limited account.
 
Wow, that is a crazy story! I wonder how many updates he had to install?

If possible I would also run the browser in a sandbox and also run Secunia PSI to find any other programs that are possibly out of date.


At least a service pack. He did not want to install XP service pack 2 until 2 or 3 years after it came out. And then the same thing with XP service pack 3. I finally got him to let Windows automatic updates do its job, and got him to use Firefox.

A couple of months ago he got a new Dell with Windows 7; I made sure automatic updates were enabled on the new machine.

The smallest things can have a big impact on security, like an anti-virus, automatic security updates, keeping your browser updated... stuff that takes just a couple of minutes can pay off in the long run.
 
Thanks for the suggestions. I have always heard good things about MSE so I figured I would give it a try. I have been using it for a while and no problems.

I think we figured out what the problem was. He uses a program called PCDART. And it seems every time he gets infected, he just used that program. It is a program used to keep track of cow information and he has to send data to the company once in a while and maybe that is when it is happening. We both never cared for PCDART but really that is the only option.
 
Sounds like Conficker or a network worm. Conficker, we're not finished with it yet. It can sit in hiding in a network receiving new updates. Believe me, the world has not seen the end of it. It's still sitting in wait on several networks.
1st you do: disconnect his PC from the network.
Download Dr.Web CureIt
www.freedrweb.com/cureit/?lng=en
Put it on a disk, then scan his whole PC. Scan his flash drives, everything, with a cold boot.
Then go to foundstone.com and download the Conficker detection tool. Connect all the PCs to the network and run it. Also remember to scan your PC with a cold boot as well.
 