Spyware Removal Help
With the growing number and destructive effects of adware/spyware, (hereto referred to collectively as spyware), that I have been finding on computer systems lately, the intent of this document is to assist you in removing these problems from your computer.
Click on a link below to go directly to that section
Spyware can get on your computer from a number of sources including, but not limited to, the following;
- Downloading and installing malicious software intentionally or unintentionally.
- Mistyping a website address and being redirected to a spyware site.
- Visiting malicious websites on the internet.
Spyware often comes in the form of helpful or entertaining software, usually free, that is downloaded from the internet. Companies that incorporate spyware cannot afford to program and distribute their product for free, so they employ the use of advertisers to pay them for their time. If you download and install free software from the internet you must ask yourself why the software is being offered for free. In most cases, the software that you are installing is paid for through advertising, or designed by someone with maligned intentions toward your computer.
Types of spyware.
A couple general types of spyware exist, classified by their purpose or intent. The least damaging ones, or adware, simply track the types of web sites that you visit and provide customized popup advertising based on the type of sites you have been to. On the other end of the scale is software that can install a backdoor or Trojan on your system, allowing the designer to access to your system, files and information stored on your computer and network. The worst types of spyware often disable your antivirus, thus leaving you exposed to even greater misfortune.
Spyware can also come disguised as a helpful utility or even a spyware removal program that actually puts more spyware on your system than it removes. Only install spyware removal software that you are sure contains no other software.
Recent experience has shown that running only one ad removal program is rarely enough to get your system completely cleaned. I generally run at least 3 different programs and as many as 6 or 7 on occasion. If you want to attempt to get rid of the spyware on your computer, follow the general steps listed below. Please be aware though, that new types of spyware show up daily and these steps may not provide complete removal.
1. Download spyware removal software.
I recommend beginning by downloading the following four programs. Be sure to save the downloaded files where you can easily find them later. The Microsoft AntiSpyware will only work on Windows 2000 and XP.
Webroot Spy Sweeper (30 Day Eval)
https://music.apple.com/us/playlist/playlist/pl.u-4JomrJDFPml19
Lavasoft Ad-Aware
Spybot Search & Destroy
http://www.safer-networking.org/en/download/index.html
Microsoft AntiSpyware (beta)(Free)
2. Reboot in "safe mode". You will want to run the programs from safe mode to maximize their effectiveness. (Booting into safe mode will keep most of the spyware programs from loading into memory). Restart your computer and press F8 just before Windows starts to boot. From the menu select “safe mode with networking” (this will allow internet access to get updates). If you don’t see the “safe mode with networking” option you are probably running an older version of Windows and will have to start in “normal” mode.
3. Delete temp files. A lot of spyware programs leave files in temp directories. There are three main locations that you will want to clean up temp files. Make sure you don't have any programs running when you delete these files.
a. User profile temp directory. Select start then run and type in %temp% and click OK. Delete all of the files in this location.
b. Windows temp directory. Open my computer and go to your windows directory (usually c:\windows or c:\winnt, but can be any directory that windows was installed into.) The go into the temp folder and delete all of the files in this location.
c. Internet Explorer temp files. Go into control panel and select "internet options". Click on "delete files" and click to select "delete all offline content". Select OK. When that is complete continue to step 4.
4. Install, update and run the three downloaded programs from “safe mode”. When Windows starts install the first program and get the latest updates. Run a full scan on your hard drive(s) and allow the program to remove everything that it finds. When the first program is complete, repeat the same steps for the other two.
5. Reboot to safe mode and run the scans again. If none of the programs finds anything on the second pass then you should be clean and ready to reboot and continue what you were doing before you were infected. If any of the programs finds additional spyware repeat the process a third time. If after three attempts you are still finding spyware you have reached the point where professional help is needed to remedy the problem.
NOTE: Running the removal software until no spyware is left is the most important step in the process. If any spyware is left, it will spread and multiply and you will shortly be back where you started with all of the popups and spyware BACK ON YOUR SYSTEM.
6. Check your antivirus software. Make sure it is running and up to date, and then run a full AV scan on your system. Many of the spyware programs disable the antivirus software and allow your computer to get infected. If you can’t get your AV program back up and running you can run a system scan from Symantec’s web site. This will allow you to ensure that no viruses got in while your AV software was disabled. You can find the online AV scan at the following URL.
http://securityresponse.symantec.com/
Toward the lower right side of the page you will see the following link
Select this link and follow the prompts to run check for viruses. You will get two or three popups to install ActiveX controls. These are required to run the AV scan so be sure to select yes.
If you frequently get spyware on your system you may want to consider purchasing the full version of Spy Sweeper. It has a memory resident scan that will help prevent further infection.
Careful web surfing is the most effective way to prevent future spyware infections. Web sites that offer free downloads, card games and other "free" software are some of the worst offenders. Installing web searches, accelerators, enhancements and other software, unless you know they are safe, is a sure way to get spyware.
If you have Windows XP, be sure you have service pack 2 installed, as there are numerous enhancements to Internet Explorer to help prevent the installation of spyware.
If you are running a different version of Windows you can get the same protection by using the Firefox web browser instead of Internet Explorer. Download Firefox here.
http://www.mozilla.org/products/firefox/
Additionally, if you do get a popup while browsing the web, don't click anywhere inside of the window. The best way to close a popup is to right click and select close from the Windows taskbar at the bottom of the screen. If you can't get to the taskbar, press ctrl-alt-del and close the offending window.
More information about spyware can be found at the following location;
