Police Virus, back again!

dombooth said:
done Boot into safe mode
done Run MBAR
done M/B Quick Scan
done Run ComboFix
done Boot into normal mode
done Run RogueKiller
done M/B again
done HitmanPro
done ESET Online Scanner

LOTS of tracking cookies from p0rn sites.

Trojan.Siredef.C
Trojan.FakeMS

Dom
Click to expand...

There is your answer!

Sandboxie a web browser for his porn surfing only. Configure to auto empty when program ends or upon shutdown.

Use regular browser when he is not surfing for porn or other highly questionable sites.
 
dombooth said:
LOTS of tracking cookies from p0rn sites.

Trojan.Siredef.C
Trojan.FakeMS

Dom
Click to expand...

Well if he is going to keep browsing those sites he is going to keep getting infected. Make sure to kill the system restore points and have him install Malwarebytes Pro it might help. He may have a Flash or Java vulnerability. Which browser does he use mainly?
 
HFultzjr said:
There is your answer!

Sandboxie a web browser for his porn surfing only. Configure to auto empty when program ends or upon shutdown.

Use regular browser when he is not surfing for porn or other highly questionable sites.
Click to expand...


Will do, thanks.

Dom
 
ABTECH said:
Well if he is going to keep browsing those sites he is going to keep getting infected. Make sure to kill the system restore points and have him install Malwarebytes Pro it might help. He may have a Flash or Java vulnerability. Which browser does he use mainly?
Click to expand...

Removed all restore points,
created 1 new restore point,
He's got MB Pro
Flash/Java etc all up to date.

He uses Chrome.

Dom
 
HFultzjr said:
One other thing.....

Make sure he doesn't download anything while sandboxed or let anything run outside the sandbox. That would only defeat it's purpose.
Click to expand...

Thanks.

Does sandbox still run after the 30 days or does it need to be paid for?

Dom
 
dombooth said:
Thanks.

Does sandbox still run after the 30 days or does it need to be paid for?

Dom
Click to expand...

It still runs, just gives you a nag screen and not all the options.

It is well worth the price for the full version.....lasts a lifetime....no renewals.

Highly recommend trying for 30 days then look at the paid version.
 
HFultzjr said:
It still runs, just gives you a nag screen and not all the options.

It is well worth the price for the full version.....lasts a lifetime....no renewals.

Highly recommend trying for 30 days then look at the paid version.
Click to expand...

Yeah I'll let him try it for 30 days and see what he thinks.

Dom
 
dombooth said:
Yeah I'll let him try it for 30 days and see what he thinks.

Dom
Click to expand...

Also,

Make sure to show him how to right click the running icon and select "Terminate All Programs" when he gets in a pinch. I've seen a few things trying to linger but this will get rid of them all. If he doesn't do this, they will be gone on a re-boot.
 
HFultzjr said:
Also,

Make sure to show him how to right click the running icon and select "Terminate All Programs" when he gets in a pinch. I've seen a few things trying to linger but this will get rid of them all. If he doesn't do this, they will be gone on a re-boot.
Click to expand...

I will do, thanks.

Dom
 
You must log in or register to reply here.

Similar threads

Multi-Visions
Onedrive issues need help
Replies
3
Views
535
britechguy
britechguy
johnrobert
Dell Inspiron 15 3511 Firmware update
Replies
11
Views
988
GTP
GTP
ThatPlace928
[SOLVED] Best Remote Software?
2 3
Replies
58
Views
5K
twwabw
twwabw
britechguy
How in the world does one boot from USB these days?!!
2 3
Replies
48
Views
3K
lan101
lan101
HCHTech
Slow opening times for files on a network drive
Replies
10
Views
1K
trevm999
trevm999
Back
Top