Trying to figure out if my parents' computer is infected

Discussion in 'malware problems & news' started by delerious, May 5, 2008.

Thread Status:
Not open for further replies.
  1. delerious

    delerious Registered Member

    Jul 16, 2006
    My parents got a Vista computer a few days ago, and all of the security stuff is running (Windows Firewall, Windows Updates, Windows Defender). I also installed AntiVir and Firefox. I did disable one thing though - the User Account Control.

    Yesterday my dad was browsing, and then he called me over to the computer. Somehow Firefox had gone over to, and I noticed that a suspicious executable had been downloaded, and there were prompts asking to run some code. I said No, closed all the browser windows, deleted the executable file that had been downloaded, and then let my dad continue surfing.

    Now I am trying to figure out if the computer got infected, because I don't know if my dad may have inadvertently executed any code. Would Windows Defender have stopped anything from executing? I now regret turning off the User Account Control. Although I just noticed that User Account Control is enabled again. Very strange, I don't know how that happened.

    Also, could I save myself the trouble of running a bunch of virus/spyware scans by using the System Restore feature in Vista? I see that there is a restore point from yesterday that is prior to my dad's encounter with the spyware site. If I go back to that restore point, would that guarantee that any spyware on the system would be removed? I'm not sure if that would work, because I read that System Restore does not restore all files.

    If using System Restore is not a good idea, then what should be my first step? Run HijackThis? Or run a bunch of virus/spyware scans?
  2. HURST

    HURST Registered Member

    Jul 20, 2007
    I don't use Vista, but I would do system restore and then just one or 2 scans.
    For scanning, use SuperAntiSpyware.
    For a second opinion, I would use Dr. Web CureIt.

    I think this could have been avoided with UAC.

    Maybe you could consider a sandbox for the browser and/or the NoScript extension on Firefox.
  3. ErikAlbert

    ErikAlbert Registered Member

    Jun 16, 2005
    Before using the computer, your parents should have taken a backup first and then gone on-line.
    They don't have a boot-to-restore, which means a classical security setup. :rolleyes:
    Firewall + AntiVirus + AntiSpyware, plenty of choice. UAC = on, not off.
    Firefox + NoScript + AdBlockPlus and sandboxed + locked data folders.
    Email: ignore and delete all spam-emails, without opening them (= very difficult) and don't believe the million dollar winnings.
    Last edited: May 6, 2008