My laptop is full of spyware

little laker · 06-29-2009, 07:19 PM

This is really intended more as a public service announcement than anything.

I loaned out my laptop (I rarely use it) to a friend about a month ago, and her daughter made one mistake.
Clicking on one of those really nice links with all the smilie faces on it. I'm sure that you know the ones, they laugh or shout something out at you, whenever you wave your mouse past them.

I made the discovery last week, when I tried going on-line, and saw their awful toolbar.
Since I made the same mistake a few years ago I knew what might happen, and sure enough it did.

The laptop, which is usually lightning fast is running slower than I thought possible.

My spyware scanners are all freezing part way through a scan, even while running in safe mode. I've given up trying to restore it.

At this point I've decided to wipe the harddrive, and do a full re-install during my next visit.

I honestly can't be upset with her. Like I've said I've made the same mistake in the past.

Please do yourself a favor before letting any children use your computers, and talk to them about those nasty little smiling faces and other spyware hazards.
Just as important, don't get upset at them if they do make the mistake. After all, we've all made mistakes.

In this case it's actually my fault anyways. When I loaned her mom my laptop I told her that the children weren't allowed to use it. Which she agreed to.
However I changed my mind, making it easier for her children doing their home schooling.

jct us101 · 06-29-2009, 07:23 PM

Spyware is the only thing keeping my laptop going as far as I know!

*maxwell1295* · 06-29-2009, 07:53 PM

Stu, try installing CCleaner and SpywareBlaster from FileHippo.com.

*xs400* · 06-29-2009, 08:08 PM

I have found the freeware program from Malwarebytes.org works well at removing spyware.

Kguru · 06-29-2009, 08:12 PM

I've made a practice of dividing my laptop hdd into 2-3 partitions, one of which to hold data/docs and a ghost image of the (Win+programs) partition taken before the baddies have a chance to attack. Anything occurs, boot into Ghost and it takes just 10 minutes to restore Win+programs from the image. Has rescued me & my family dozens of times.

_who_ · 06-29-2009, 08:16 PM

Originally Posted by xs400

I have found the freeware program from Malwarebytes.org works well at removing spyware.

I found this one works quite well.

I would suggest, however, that you turn off your system restore, run the malware program, the reset a new restore point.

Sometimes, malware and viruses will hide themselves in your restore points. when you turn off "restore" it does away with all previous restore points and allows your computer to start that all over again.

Maxington · 06-29-2009, 09:39 PM

Use a free browser like Firefox, and install the Adblock and Flashblock extensions.

No more ads, no more flash unless you want to enable it for a specific reason.

Of course, making sure people don't use IE anyhow if you lend them your laptop is another problem.....

vroom_skies · 06-29-2009, 09:56 PM

I'll just copy and paste this as I don't feel like typing it again, hope it helps.

Just to reinforce whats already been said.
There is no need to pay for ANY security software. There are free versions out there that do a fine job. If for some reason you wanted to pay lol I would suggest Nod32.

For free AV look at (Also, make sure to use only ONE):
- Antivir
- Avast
- AVG

Free MW/SW/AW (Frankly Spybot & Adaware are uneeded):
- Malwarebytes' Anti-Malware (All you really need at this point in time)
- Spybot SD (Nothing special here, but doesn't hurt)
- Adaware SE (Personally I don't like what they've done with the new version)

Other MW tools:
- Combofix
- SDFix

If you run into any issues like these again, off the bat run combofix, sdfix and malewarebytes. Those three will fix the majority of your issues. Word of warning, combofix & sdfix are 'harsher' programs, so it is a good idea to back up important files before running them (which you should do anyways). If your still having issues after wards download Hijackthis (HJT) and post a log from that on a forum that specializes in them. People there would be more then willing to give you a helping hand. Your best bet is to do a HJT log first, but if you didn't want to "waste" your time, then you can do the others first.

To prevent the majority of this in the future:
- Make sure to have a good AV and KEEP IT UPDATED
- Make sure to keep Windows up to date
- Have a firewall implemented, even if it's justs the Windows firewall
- Make sure Internet Explorer is updated or use a different web browser, such as FireFox

Hope that helps
Bob

Mr. The Guy · 06-29-2009, 11:38 PM

avast! is free for personal use too.

little laker · 06-30-2009, 12:09 AM

Thanks for all the tips,

She was using Firefox when she got it. So it isn't immune. It's the first program I discovered the tool bar on.

And I've used CClean to try cleaning the system.
AVG for the virus's
In the spyware department I've used Windows Defender, Ad-Aware, along with SuperAntiSpyware.
Although Ad-Aware has discovered it, it just freezes. And the other spyware programs don't even do that much.

I'll try a couple of other things, however I'm pretty much finished with it. I don't want to spend all day trying to patch it up, when it only takes 1/2 a day to re-do everything.

I'm not even planning on seeing them for a few weeks, so I imagine that it'll be even worst then.

ryan s · 07-02-2009, 05:36 PM

Originally Posted by Maxington

Use a free browser like Firefox, and install the Adblock and Flashblock extensions.

No more ads, no more flash unless you want to enable it for a specific reason.

Of course, making sure people don't use IE anyhow if you lend them your laptop is another problem.....

Adblock is awesome...a must have. I'll check out the Flashblock since I've never heard of it. I also tried NoScript but it didn't work for some reason.

On my PC, the desktop has 1 icon (Recycle Bin) and 4 buttons in the Quick Bar: Desktop, Documents, FF, and WinAmp...that's it. You'd have to dig to find IE in the Program menu as well

Edvinas · 07-02-2009, 06:12 PM

Noone mentioned essential mistake which people are making while using their windows machines: they are using Windows logged in as Administrators. This means that all malware is free to install itself anywhere, is free to modify all system settings, disable malware protection software and so on.

Create and use unpriviledged user. Then anyone can click whatever they want, system won't be affected, most of malware will fail simply because it won't get Administrator rights to run itself.

*Blue* · 07-02-2009, 07:22 PM

Originally Posted by jct us101

Spyware is the only thing keeping my laptop going as far as I know!

And you are running a Web Site?

little laker · 07-02-2009, 11:55 PM

We spent a couple of hours working at it again last night, and gave up. I believe that Angie will be taking the time to re-install Windows.

Originally Posted by Edvinas

Noone mentioned essential mistake which people are making while using their windows machines: they are using Windows logged in as Administrators. This means that all malware is free to install itself anywhere, is free to modify all system settings, disable malware protection software and so on.

They were logged in as me, Stu. However that wouldn't make it much safer, since I have access to just about (if not) everything through my name

Edvinas · 07-03-2009, 02:53 AM

Originally Posted by little laker

They were logged in as me, Stu. However that wouldn't make it much safer, since I have access to just about (if not) everything through my name

By saying "Administrator" I mean any user with administrator rights. Windows usually creates such users by default.