holy Spyware

Bennyb

I JUST installed Windows on this computer, and after installing the mobo drivers and such I got an alert that pointed me to a website... After bouncing around on the internet for literally 3 minutes I was hit with the BIGGEST wave of pop-ups I have ever had... Now I have so much spyware on this computer it seems almost pointless to do anything but reformat and install Netscape immediately...

I've run Adaware and Spyware Doctor but they haven't done anything... My desktop is red with an advertisement on it and I can't change it... this is really annoying....
 
Please don't use implied swearing like " f*cking" in thread titles.
 
I feel your pain man.. the order in which you do things is: install Windows, then SP2, then get on the web, get your browser of choice, then surf on.
 
Try booting into safe boot; run Adaware, Spybot S&D, and Microsoft AntiSpyware. If that doesn't fix it, try to see possible hijacks using HijackThis. If all else fails, a fresh install might be in order.


oh, and when you do reinstall windows, get firefox and be happy.
 
This is why the last component to be installed on your computer should always, ALWAYS be the networking cable.
 
That sucks man, spyware can be a complete pain to deal with, especially when it's on someone else's computer. For example, my uncle had me format his comp because it was so bogged down with spyware and other junk. Before I formatted it though I gave Adaware SE a run through... 600+ things, and my jaw literally dropped. As soon as I formatted and got SP2, I got Firefox for him.

I went to see him around Easter, about two months since I formatted his drive. Ran Adaware, found a total of zip, zilch, none, nothing, nada, no spyware whatsoever. :rolleyes:
 
Hah, sorry about the swearing, I was kind of angry because my entire desktop was red and I couldn't right-click at all.

I ended up reformatting and doing a fresh install. Running like a charm now... Just need to update Windows now
 
http://hardforum.com/showthread.php?t=768776

specifically this part


a personal checklist
---------------------------------------------------------------
install Service Pack and hotfixes
close the vulnerable NetBIOS ports and cleanup bindings
Configure IPSec
Restrict access to LSA info

disable unnecessary services

disable Guest account
setup my user account
rename Administrator account
create fake Administrator account (disabled)
enable network lockout of the true Administrator account

Limit the number of logon accounts

remove the "Everyone" group and replace with "Authenticated Users" shares
disable default hidden shares, administrative shares, IPC$


disable HTML in e-mail
disable ActiveX
disabling or limiting WSH\VB\Java\JavaScript (install HTAstop, Script Defender, noscript.exe)
rename shscrap.dll to shscrapold;
Unhide File extensions, protected files, all files and folders


Enable Encrypted File System
Encrypt the Temp Directory
setup to clear the paging file at shutdown
lockdown the registry

disable dumpfile creation
remove insecure subsystems (OS/2 and POSIX)

protect or remove: arp.exe \ at.exe \ cacls.exe \ cmd.exe \ Command.com \ cscript.exe \ debug.exe \ edit.com \ edlin.exe \ finger.exe \ ftp.exe \ pconfig.exe \ Issync.exe \ nbtstat.exe \ net.exe \ Net1.exe \ netstat.exe \ netsh.exe \ nslookup.exe \ ping.exe \ posix.exe \ qbasic.exe \ rcp.exe \ regedit.exe \ regedt32.exe \ regini.exe \ rexec.exe \ rsh.exe \ route.exe \ Runas.exe \ runonce.exe \ telnet.exe \ tftp.exe \ tracert.exe \ Tlntsvr.exe \ wscript.exe \ xcopy.exe
remove the .reg file association from the registry editor
these all make it much harder for someone that has already compromised your computer
if there is a brain behind the attack (a hack or trojan) then they would need to re-enable these if they can, which might tip their hand; the same goes for an automated attack like a worm, if it could manage it at all. Many more minor pieces of malware\spyware rely on some of these for infection, or more accurately reinfection, like runonce.exe, regedit, etc., or as the vector for infection in more serious malware, like ftp or telnet

Install and schedule trojan scanner, anti virus and intrusion detection
Install and configure Worm Guard

Install Firefox and Lockout access to Internet Explorer with NTFS Permissions to all accounts other than the Administrative Account

configure security policy control
enable auditing (logon, object, privilege, account management, policy, system)
set permissions on the security event log
set account lockout policy
assign user rights
set security options
configure firewall

Test
Run Baseline Security Analyzer (freeware)
> connect to the internet
Run NessusWX (freeware)

Do a remote Port Scan
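
A read-only way to verify a few of the registry-backed items in the checklist above, as an added example that is not part of the original post. The registry value names and the "expected" hardened values are the commonly documented ones for these settings and are assumptions here, since the post does not give them.

```powershell
# Added example: audit (never modify) registry values behind five checklist items.
# Expected values are assumptions based on the commonly documented hardened settings.
$checks = @(
    @{ Item = 'Restrict access to LSA info'
       Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
       Name = 'RestrictAnonymous'; Expected = 1 },
    @{ Item = 'Disable administrative shares (workstation)'
       Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
       Name = 'AutoShareWks'; Expected = 0 },
    @{ Item = 'Clear the paging file at shutdown'
       Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
       Name = 'ClearPageFileAtShutdown'; Expected = 1 },
    @{ Item = 'Disable dumpfile creation'
       Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'
       Name = 'CrashDumpEnabled'; Expected = 0 },
    @{ Item = 'Unhide file extensions (current user)'
       Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
       Name = 'HideFileExt'; Expected = 0 }
)

$results = $checks | ForEach-Object {
    $check  = $_
    $actual = $null

    # A missing key or value is not an error for an audit: report it as NOT SET,
    # which for every item above means the Windows default, not the hardened state.
    $prop = Get-ItemProperty -Path $check.Path -Name $check.Name -ErrorAction SilentlyContinue
    if ($prop) { $actual = $prop.($check.Name) }

    $status = 'FAIL'
    if ($null -eq $actual) { $status = 'NOT SET' }
    elseif ($actual -eq $check.Expected) { $status = 'OK' }

    New-Object PSObject -Property @{
        Item     = $check.Item
        Value    = $check.Name
        Actual   = $actual
        Expected = $check.Expected
        Status   = $status
    }
}

# Fixed column order, then list anything that still needs attention.
$results | Select-Object Item, Value, Actual, Expected, Status | Format-Table -AutoSize
$results | Where-Object { $_.Status -ne 'OK' } | ForEach-Object {
    Write-Warning ("{0}: {1} is {2}, expected {3}" -f $_.Item, $_.Value, $_.Status, $_.Expected)
}
```

Run it once before and once after working through the checklist; the HKCU check reflects only the account running the script.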
 