General discussion

Locked

How do you handle dimwitted users?

By normhaga ·
Today I had a computer return for service; last week I did a reinstall and malware removal on this computer, as I had the week before.

Today I went further than I usually do and tracked down how the user is constantly being infected with trojan rootkits and virus.

In the past, I thought I had the problem resolved by installing that nagware SpyBot with Tea Timer. This did not work because the user is an indiscriminate "Clicker."

Why do I say that the site is installing malware? Because as soon as the logon button is clicked Windows reports that IE7 is attempting to copy to the clipboard, all USB ports loose connectivity, the CD/DVD is no longer accessible, IE refuses to shutdown and you have to do a forced powerdown. When you come up after MSconfig starting only the services Windows needs you again find the same rootkit and 65 virus you just removed. On a clean install the same thing happens as soon as you log in to the site; it does not however happen when you login with a browser other than IE.

Well, I tracked the installation of the malware down to one website that appears to be rooted. The site is: www.esp-inc.com. The malware is installed only after the user logs in (verified three times in a V.M.).

I told the user not to log into the site because it was installing the malware. Well, right in front of me the user logged into the site and immediately reinfected the box, then had the audacity to blame me.

The user needs to access this site to take some ultrasound exams, but at the time the site is unsafe.

I sent email to the site administrator informing him/her that the site appeared to be rooted and was installing malware and included logs showing this along with my bill for having to redo work.

Short of refusing to work on the users computer because of stupidity, what can I do? Report the site to ICAAN and Google as a malware purveyor? I did argue with someone who insisted that there was something installed on the computer that was installing the malware. They could not answer "What part of fresh install do you not understand."

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

A friends story and how he resolved it!

by Russell Gates In reply to How do you handle dimwitt ...

A friend(sysadmin) had a client that couldn't help but click on that darn Snow White & The Seven Dwarves virus. Yes a long time ago. He ended setting the virus scan to run a thorough 100% slow a** scan EVERY time this guy opened ANY file!! His boss thought it was the funniest thing in the world. Guy learned his lesson.

Related Discussions

Related Forums