The Anti-Spyware Guide
Sections in this article:
Introduction
The Basic
Hijack This
Analyzing Your Own Hijack This Log
Post Op
Programs To Assist In Removal
Using Spyware Blaster, Ad Aware, Crap Cleaner
Changing Your Browser
Tips To Stay Spyware Free
Conclusion
Computer slowing down? Getting ad popups? Being redirected to unknown sites? Then please read on, because I'm going to show you how to remove it and how to stop it from happening again.
First off, let's get a basic definition of spyware/adware/malware. All variants of malicious software can simply be defined as this: any software that covertly gathers information about a user while he/she navigates the Internet and transmits the information to an individual or company that uses it for marketing or other purposes. There are many different variations. Some are hijackers, which basically means they take over your computer. Some are stealthy, meaning they operate secretly and slow down your computer while gathering information. However, the most popular are the ad banners; this is the kind of spyware/adware that's most annoying. It displays completely random and useless ads even when your Internet browser isn't open. If you have any of these symptoms (unknown redirections, slowing of your computer, random banner ads), then you have spyware/adware.
Commonly, when you get infected, the first thing the spyware does is add itself to the registry. The registry is a large database of information for software installed on your computer. It is also responsible for starting software when you start your computer. The first thing we're going to do is stop the startup of any unknown items.
1. Click start
2. Click run
3. In the dialog box that pops up, type MSCONFIG
4. A small box will pop up with a few different tabs.
5. Click the startup tab on the far right.
1. The name
2. The location on your computer
3. The location in the registry
Since every user has a different computer and preferences, I can't list every item. But if you know what it is, or installed it yourself and like it, keep it. If you don't know what it is, look it up in a startup database. A startup database can tell you whether the item should stay or should go. Here are a few reliable startup databases.
http://www.bleepingcomputer.com/startups/
Just type the name of the item in the list and BC will attempt to find it.
http://castlecops.com/StartupList.html
Again type the name of the object and this will search for your object and verify it.
If it shows up as bad, uncheck it. Once you have unchecked all bad/unknown items, click Apply, then OK. You will be prompted to reboot, but don't. Some spyware adds itself to startup every time, so rebooting will only undo what we have just done.
Hijack This is a widely used tool for spyware removal because it provides almost complete control of every running piece of software on a system. It does require some training, however, because it does not automatically remove bad items. Hijack This outputs a log file in text format that can be looked over by someone who knows how to read it. They can then instruct you on what to remove and what not to.
Go here, and download a free copy. It's in zip file form, so you'll need WinZip or WinRAR to extract it. Once the download is completed, extract Hijack This to its own directory, for example C:\HJT. Just make sure it's alone in a folder by itself.
Run Hijack This; you'll be presented with this menu.
We're looking for "Do a system scan and save log file"; click it. Hijack This will now scan your system.
Once it is completed (it takes a few seconds), a Notepad window will pop up with the details of the Hijack This scan. Copy the ENTIRE contents of the Notepad window to a post in the Techsomething.net Spyware Removal Forums for analyzing. Since Hijack This is a very powerful tool, its log should only be analyzed by a trained professional. Usually, getting your log analyzed by a trained person will remove the greater part of the security threat, leaving only a few more steps for removal.
Note: While you are waiting for your log to be analyzed, you can continue through the guide.
Analyzing Your Hijack This Log On Your Own
It isn't that hard to analyze your log on your own. It takes a little patience, a little knowledge about software and system files, and the ability to research your infection and symptoms. Of course, if you get stuck or need additional help, post your log in the forums to get it analyzed by a professional. The tutorial below will help you when analyzing your own log.
Tutorial on analyzing Hijack This logs
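As an added example (not part of the original guide), this Python script pulls the auto-start (O4) entries out of a Hijack This log, giving the same name / command / registry location view as the MSCONFIG startup tab, and lists the names that still need a startup-database lookup. The sample log and the known-good names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the Hijack This log layout (not from a real machine).
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.example.invalid/
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\system32\example.dll
O4 - HKLM\..\Run: [ExampleAV] C:\Program Files\ExampleAV\tray.exe /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [winupd32] C:\WINDOWS\Temp\winupd32.exe
O4 - Global Startup: Example Helper.lnk = C:\Program Files\Example\helper.exe
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")  # "O4 - <body>"
RUN_RE = re.compile(r"^(?P<location>[^:]+): \[(?P<name>[^\]]*)\] (?P<command>.+)$")
LINK_RE = re.compile(r"^(?P<location>(?:Global )?Startup): (?P<name>.+?) = (?P<command>.+)$")

def parse_entries(log_text):
    """Group result lines by section code; header and process lines are skipped."""
    sections = defaultdict(list)
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            sections[m.group(1)].append(m.group(2))
    return dict(sections)

def startup_items(log_text):
    """O4 (auto-start) entries as dicts: registry/folder location, name, command."""
    items = []
    for body in parse_entries(log_text).get("O4", []):
        m = RUN_RE.match(body) or LINK_RE.match(body)
        if m:
            items.append(m.groupdict())
    return items

def needs_lookup(log_text, known_good):
    """Names of startup items not already verified (case-insensitive match)."""
    known = {name.lower() for name in known_good}
    return [i["name"] for i in startup_items(log_text) if i["name"].lower() not in known]

if __name__ == "__main__":
    # known_good is an assumption: items you installed or already checked in a database.
    for item in startup_items(SAMPLE_LOG):
        print(f'{item["name"]:<20} {item["location"]:<16} {item["command"]}')
    print("Look up:", needs_lookup(SAMPLE_LOG, {"ExampleAV", "ctfmon.exe"}))
```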
Now that you're a little cleaner (hopefully), we're going to do some scans with online virus scanners from trusted antivirus companies.
1. Panda Active Scan online
Internet Explorer only. Requires email address. Requires Active-X components to be installed. Approx 12MB download.
2. BitDefender online scan
Internet Explorer only. Must agree to a EULA. Need to allow installation of an ActiveX component. Some of the options are not clearly explained.
3. Trend Micro Housecall
(European version, supports Netscape, Mozilla, Firefox and Opera)
The time it takes for a scan to complete may vary. Run all three separately and be patient.
Using Programs To Assist Cleanup
Now to the programs, you should be well on your way home to being spyware free.
Please go to the following sites and download and install the following programs.
If you do not have an antivirus, install the program below.
AVG Anti virus home. A Free widely used virus scanner.
If you do not have a firewall, install the program below.
Zonealarm Free Firewall
Ad-aware. A spyware/adware/malware scanner. Very popular, and very good.
Spyware Blaster. A tool used to immunize yourself against harmful cookies and ActiveX controls.
CCleaner. A tool used to clean out the very pit of your computer.
Using Spywareblaster, Crap Cleaner, And Ad-Aware
Once the above tools are downloaded and installed, run Spyware Blaster first.
You will be presented with the main program menu, or sometimes the tutorial for getting started. Since it comes with a tutorial already, just follow it. It's very useful. If you don't see the tutorial or don't know what to do, I'll explain. First, click Updates on the left-hand navigation menu.
Then click Check for Updates. Spyware Blaster will connect to javacoolsoftware.com and download the latest immunizations. Once it is completed, click the Protection button.
You will be presented with a list, the bottom of which will say Internet Explorer, Mozilla, Restricted Sites, and finally Spyware Blaster database. Next to the database it should say, 4xxx items are unprotected. Right under that there's a section called Quick Tasks. Under that, click Enable All Protection.
This will add all the ActiveX controls, bad cookies, and websites to the denied list or untrusted sections of your web browser. This will make sure that those bad sites won't be able to download anything to your computer, even if you do go there. After everything is immunized, exit Spyware Blaster.
Now run CCleaner. On the left-hand side, check everything that you want CCleaner to clean when it runs on your computer. I recommend checking everything. Then click the Applications tab right above that. Again, check everything you want to; I recommend it all. Now, once everything is checked, click Run Cleaner in the bottom right-hand corner. CCleaner will now clean up your system. It can take anywhere from 1 minute to 10 minutes depending on how junked up your PC is. Once it is finished cleaning, a list will be presented of all the crap cleaned off. Go ahead, take a look. Amazing, isn't it?
Now click the Issues button on the left. Follow the same procedure and click Scan for Issues on the bottom left. Let it run, and click Fix All Issues in the bottom right. You will be prompted to back up your registry; only do so if you want to, but it is not necessary.
Close CCleaner.
Now, start up Ad-Aware. When started, you'll see the main program menu with a navigational menu to the left.
The first step you should take is to update Ad-Aware SE so it is using the latest Spyware/Hijacker definitions. This will enable the software to recognize as many of these types of programs as it can. You should click on the Web Update button found in the middle of the user interface. Follow the prompts and allow Ad-Aware to update its definitions.
Once the update is completed, we're going to perform a full system scan. This cleans up your registry and anything we missed in the previous removal steps. Hopefully this should be the final step of the cleanup. So, click the Start button. You should be presented with this menu.
Make sure you select Perform a full system scan, and make sure Search for negligible risk entries and Search for low risk threats are checked. Now click Next; this will lead you to the actual scan, which will begin scanning your system. It can take a while, so now's the time to take a break and check back occasionally.
Once completed, you'll be presented with a screen similar to this.
Click on the Next button in the right-hand corner. You will then be presented with a screen that shows all the objects found that are flagged as Spyware or Hijackers.
At this point you should either right-click on the screen and choose the Select All Objects option, or individually put a check mark in the check box of each object that you would like quarantined (the check boxes are the area surrounded by the red box in Figure 10). When all the objects that you would like quarantined are checked, you should click on the Next button. Ad-Aware SE will now present you with a confirmation box as to whether or not you would like to remove the objects you have just selected. If you would like to do so, press the OK button. You will then be taken back to the original scan screen. Now we're going to clear the quarantined items. So click Open quarantine list, then select the quarantines and delete them off your hard drive forever. You may close the program.
If you're still using Internet Explorer, stop. It's one of Microsoft's worst products. There are many, many security holes and glitches unpatched.
Go to Firefox.com and download a copy of the Mozilla Firefox web browser. Firefox is an open source web browser with far fewer vulnerabilities and potential security risks than Internet Explorer. It's also much more user friendly and can accomplish much more. The best part is, you can import all your settings and bookmarks from Internet Explorer if you wish, meaning you don't lose any data or work.
Install it and run it. It will prompt you to set it as your default browser; click Yes and Don't show this message again. Mozilla will start up, usually with Mozilla.org set as your homepage. If you'd like to change this, click Tools -> Options. It should be the first tab. After you change your homepage, go through the other configuration options as well and configure it to your liking. It takes a few minutes to orient yourself.
Tips To Stay Clear Of Infections
- Always have an antivirus/firewall; these are a must to keep your computer clean. Always have them updated and ready for use.
- Always have a few antispyware programs, Ad-Aware and Spyware Blaster being a couple.
- Try to be safe. Don't go to unknown sites and randomly download games and software. Programs can't protect you forever; it takes your cooperation too.
Earlier, I asked you to install an antivirus program and a firewall, if you did not already have them, to stop hackers/viruses in their tracks: the Zonelabs firewall and AVG Home free antivirus. Since these are two different programs, there are two separate guides written for configuration and use here.
AVG antivirus installation and configuration guide (pdf)
Zonealarm installation and configuration guide
By now your computer should be pretty clean, immunized and ready for use again. If you still have a few problems, reboot your computer and please submit another fresh HJT log to the forums, and that should do it.
However, if your computer is still horribly riddled with spyware, the truth is that sometimes spyware is just too difficult to recover from, or just can't be removed. Right now though, if it's only a little problem, another HJT log can save you. But if you've tried and tried and it's still there, you need to reinstall your operating system and start brand new again.
Reformatting A Computer With Windows XP
After your reinstall, make sure to follow the steps above for immunization and safeguarding to prevent this from happening again.
That's it, people. I hope you've learned a few things about keeping your computer clean, and were eventually able to remove what was causing you so many problems.
Need more help? Post in the forums
