I got infected with Spyware

[A-Wing_Slash]

A few days ago, I was browsing the internet and managed to get infected with spyware of some kind. My anti-virus software announced it, but couldn't prevent it. Since then, not much apears to have happened to my computer. I've been getting frequent pop-ups telling me 'I have x type of spyware on my computer, click this link to download security software.' Nothing comes from them though. The computer's performance itself does not seem to have been changed, although a program I was downloading at the time of the infection (Internet Explorer 7) does not work, and freezes up my computer whenever I start it up.

What do I have to do to purge my computer of this program? And once I've done that, since its clear I never picked up on good security habits, what do I have to do to prevent this from happening again?

[Dominus Atheos]

The resources sticky at the top of the forum has a link to a wonderful guide on how to remove, and protect yourself from spyware.

[A-Wing_Slash]

Thanks for pointing that out. I guess I should have realized that their is a big sticky with just what I want up top. Oops.

[General Zod]

A few days ago, I was browsing the internet and managed to get infected with spyware of some kind. My anti-virus software announced it, but couldn't prevent it. Since then, not much apears to have happened to my computer. I've been getting frequent pop-ups telling me 'I have x type of spyware on my computer, click this link to download security software.' Nothing comes from them though. The computer's performance itself does not seem to have been changed, although a program I was downloading at the time of the infection (Internet Explorer 7) does not work, and freezes up my computer whenever I start it up.

What do I have to do to purge my computer of this program? And once I've done that, since its clear I never picked up on good security habits, what do I have to do to prevent this from happening again?

Wait. You actually clicked a popup that says you have X spyware on your computer, and it wants you to download a tool?

Those are common as fuck methods of getting people to install spyware on their machines. It's always a good idea to close those windows the moment they come up.

[FSTargetDrone]

Wait. You actually clicked a popup that says you have X spyware on your computer, and it wants you to download a tool?

Those are common as fuck methods of getting people to install spyware on their machines. It's always a good idea to close those windows the moment they come up.

Ew, he fell for that one.

A-Wing_Slash, you seriously will want to be investing in a pop-up blocker. You can set them to allow pop-ups from sites you choose, but most pop-ups are advertising junk.

[Einhander Sn0m4n]

Geeegggh...

http://www.bleepingcomputer.com/files/smitfraudfix.php
http://www.bleepingcomputer.com/forums/topic17258.html

[R. U. Serious]

What do I have to do to purge my computer of this program? And once I've done that, since its clear I never picked up on good security habits, what do I have to do to prevent this from happening again?

Well iven that by default most Windows Users run as adminstrators on their machine, so will any spyware you have installed. This means it could have dug itself really deep into the sytem. The only sure way of becoming free from potential backdoors is to make a fresh install of the syste as a whole.

There is a current breed of malware that usually tries not to (intentionally) harm the host too much, and "only" uses your machine (+cu+bandwidth) as a middleman to attack or spam other targets. This often ensures that users are not so fast about removing it - of course the net (haha) damage that is done is the same or actually worse, it's just that the harm is spread out more.


If you want to prevent similar things from happening in the future, I would suggest the following:
- make sure you always have all updates for windows installed
- make sure you always update all software that accesses the internet directly, or that works with data you received over the internet (browsers, emailclients, word-processors, torrent-clients etc. etc.)
- If your computer is somewhat recent (less than ~2 years old), I suggest you try out "BrowserApp" http://www.vmware.com/vmtn/appliances/d ... erapp.html which is basically two pieces of software: One that emulates a second computer (vmware), and the other a complete other operating system with a browser that runs inside it.

[FSTargetDrone]

- If your computer is somewhat recent (less than ~2 years old), I suggest you try out "BrowserApp" http://www.vmware.com/vmtn/appliances/d ... erapp.html which is basically two pieces of software: One that emulates a second computer (vmware), and the other a complete other operating system with a browser that runs inside it.

I use Sandboxie for this same purpose. However, be aware that if you intentionally download a file while running your favorite browser with Sandboxie, you really haven't downloaded anything at all! Or rather, you haven't actually saved the file. Presumably this would also make Windows Update ineffectual. So, you have to run the browser without it if you want to save a file. I have it set so all the browsers on my laptop will start with Sandboxie active (except for IE, which I only use for Windows Update).