Hi there...
First time post on here, sorry if I'm requesting info that might have already been covered. If so, please highlight any links you know of, which I'll gladly follow.
I built and maintain a machine for a colleague. Standard home user machine, XP Home SP3, 5 desktops currently all with admin privileges. After repeated infections, which generally end up with having to format the drive and build again, I am at a loss as to what else I can do to keep their machine running smoothly.
I have always used Avast, Spybot and Windows Firewall (I use these on my own machine and have no problems at all).
The machine is currently infected with various instances of Virtumonde and other generic Win32 trojans. No amount of fixing will get the machine clean. I have gone through all the scanners, reg editing etc. that I know and still cannot get rid of the infections, tricksy little blighters that they are.
Without initially going into loads of detail, I have tried setting schedules for all AV etc. software to update itself, raised privacy settings, all the usual stuff you would do.
Using the event viewer I have tracked down when the infections started this time, and have narrowed it down to a user visiting an unreputable web site, and getting either a pop-under or a dodgy ActiveX control. Searching the local settings folder showed a fake security centre with attached .bat files, which I am guessing were responsible for shutting down Avast's resident scanner.
Anyone got any tips for increasing the levels of security whilst still allowing users to have reasonable levels of access under their privileges to install programs, read/write files etc.?
Regards
WB