Counter attack: What utilities to install on old W2K system

Muse

My brother's old Windows 2000 computer was simply a mess last week, completely frustrating. I had him download and install Firefox instead of his IE6, which was practically unusable and then AVG Free and do a system scan. Things are a lot better and the constant popups have stopped but he's convinced that there's a ton of spyware messing his system up. We figure to get him a new computer with some kind of Vista installed in a few weeks. Meantime, I want to get him on the phone again and have him download and install some free spyware removal tools. What do you recommend?

Superantispyware?
 

mechBgon

Forget AVG Free, use AntiVir PE Classic or a 30-day trialware of Kaspersky Antivirus 7. Superantispyware has earned a good reputation, so that would be worth a shot, yeah. If it were me, I'd laugh at the malware, make a DBAN CD, boot from it and nuke that thing, then reinstall Win2000 and get it properly secured (while enjoying snacks and beverages of choice, of course :)). That way, there's no question it's clean, and it's unlikely to get compromised again either.

The "properly secured" strategy needs a couple adjustments for Win2000. Win2000 has no DEP, so skip that step, and can't do Software Restriction Policy, so disregard that too. Because Win2000 has no firewall of its own, add a software firewall to keep network attacks at bay. Despite a lack of DEP and SRP, Win2000 can still shrug off amazing amounts of real-world exploits and attacks if he will use a non-Admin user account (yes, even with IE6). IMHO, this can't be overstated. Put them Admin powars aside :D

There's a "Restrict Anonymous" setting in Win2000's Local Security Policy that should be set to "No access without blah blah," so go to Control Panel > Administrative Tools > Local Security Policy, then down to Local Policies > Security Options and it'll be the first one on the list.
 

Muse

Thanks. I hadn't heard of DBAN before, but just had a look and it looks very useful. I'm rebuilding my 2nd PC, basically it's a second box for testing, and an alternate access to Internet, mail or even basic use if and when my main PC goes down (like last month when my mobo suddenly and without warning started killing video cards and one of my PSUs).

I reformatted a drive to put in the box, but I gather looking at the DBAN page that it's better to wipe all HDs in the system. I have a lot of old stuff there, mostly junk and probably little or nothing I need, so I could just run DBAN on the whole machine with all the HDs attached.

I'm weak in the acronyms you used there:

DEP
SRP

I guess I can look them up at acronymfinder
 

law9933

more options, all free

Avast is another AV

http://www.download.com/Avast-...0019223.html?tag=lst-1

antispyware

Adaware SE is no longer supported, it is now Adaware 2007

SpywareBlaster is active protection http://www.download.com/Spywar.../300....html?tag=lst-5

Spybot http://www.download.com/Spybot...Dest...4-10122137.html

a-squared http://www.download.com/A-Squa...-223...tml?tag=lst-0-9

Superantispyware http://www.download.com/SUPERA...re-F....html?tag=lst-2
 

mechBgon

Originally posted by: Muse
> I'm weak in the acronyms you used there:
>
> DEP
> SRP
>
> I guess I can look them up at acronymfinder

Or you can just follow my "properly secured" link and it'll all be explained ;)

> Avast is another AV

...but with a relatively poor detection rate :(
 

Muse

Thanks. Like I said, we're probably going to get my brother another computer and it will no doubt have some flavor of Vista installed. He seems pretty keen on not letting spyware influence his computing environment. I was surprised and pleased the way he expressed that to me. So, I figure there's at least a fair chance I can talk him into setting up a non-admin account for himself to use in day to day computing. After all, he isn't the kind of guy who constantly installs things. Once his PC is set up, I figure he's not going to want to install much of anything. He just browses, does email, run of the mill stuff.

DEP is dealt with at your "properly secured" link. I couldn't find (Control+F) SRP, though, but Acronymfinder's hits make me think it's MS's Security Rollup Package. Is that right? Ah, OK, I guess it's Software Restriction Policy, and that would be part of the DEP, I guess from what I'm seeing there. :confused: