Just reformatted my system and re-installed XP. Once the install was complete, I thought it would be a good idea to update XP (windows update) before I installed any other programs.

So before having any other program installed (no fire wall, no antivirus, nothing) I went online to the Windows Update site and I instantly got hit with adware, "PopUpBlocker6.exe" to be exact and other viruses. I also got several pop up dialogue boxes telling me that the registry was "damaged" and directing me to a website to have it "fixed for free".

I went off line, installed Norton IS, NAV and Adaware. NAV found nothing after a scan, neither did Adware (which was updated). However, NIS was continuously capturing attempts of spyware and dialers trying to log on and send me to websites.

I deleted all the offending programs, once off line.

My question is, how did I get infected with so many so fast. I was online for less than an hour with a dial up connection.

Halder

Thats the way it is now-a-days :( fun isn't it...

Format, install OS then drivers, install Firewall & AV and anti-spyware then go get updates is usally the best idea in this crazy world.

after initial install i enable xp firewall first

then i do updates

It was quite unreal. I always thought you had to be on specific sites to be hijacked by spyware but it seems that just simply being online, does it.
Crazy!

Halder

thats pretty crazy it never hapened 2 me. Probably sumthing else if affected in ur pc besides ur hardrive.

If you look in your firewall log - if it has one - you will see many scans on ports 445,135,137,138,139,1026 and 1027 sometimes many times a minute. This is other peoples infected systems looking for a new victim to exploit. Some are virii some are hacktools which have the exploit and infection code programmed into them. They are mainly looking for unpatched Windows XP sp0 or sp1 systems which can be infected through either DCOM or RPC exploits but many other exploits for virii infected systems also exist. You don't even need to have IE open at all to become infected - so always enable the firewall before you go online.

Yep, new installs of XP or SP1 will have blaster and Sasser vulnerabilities... average is less than 7 minutes to get infected... best deal these days are slipstreamed XP SP2 cd ;) or I always have a USB flash disk with me, with DCOM / RPC patches ;)

Curio,
Your reply answered my question.

I left my system on overnight, downloading drivers, with only NIS Firewall up, I still haven't got SP2 yet, and NIS blocked over 300!!! attempts to infiltrate my system. Over 300! Wow.

NIS is stoping all this, so it's not a problem but the level of instrusion is insane.

Thanks to Cash_site as well for the idea of getting SP 2 on CD, thats my next move.

Thanks again, to all
Halder

Glad to help.

No problems Halder, we can all lement your situation, as its a pain to spend hours rebuilding an OS then try to be good and get windows update, BAM! virus attacked :( Good luck in future. :D

The internet is a far more dangerous place then it was 5 years ago, that's for sure, the industry got paranoid over security back then, now it's TRUELY justified.

It appears now days that EVERYONES a wan*er! :(