January 21st, 2005, 12:38 AM
Adware and Spyware removal :Introduction:
An attempt to put into one place a small tutorial that will [hopefully] be used as a link for all of those threads that ask the same question:
How do I get rid of pop-ups / adware / spyware?
There is a plethora of software tools out there, waiting for you to take them home. I will just stay with the ones that I have used myself, as I believe that if I can use it, then it really IS idiot proof. I have included tools that are freeware as well as those that require you to buy them to get the full options.
I have concentrated on the adware, spyware problem, and as such I haven't mentioned Anti-Virus, or Firewalls, as I think that each PC SHOULD have those as a MINIMUM defence. I'm just adding my little bit to the extra defences required in today's PC environment.
Where an OS is mentioned, I am basing it on Windows, as I run W2K Pro. XP will be very similar.
To combat this problem you should have the following in your armoury at least:
Google tool bar: http://toolbar.google.com/ The reason for this selection is that I think that this item should be on everyone's PC, and it has a pop-up blocker built in. Google themselves keep information from you for their own use, but you do have the option to disable this as you install. Also there are a few extra items that the toolbar runs that are not strictly required; they can all be disabled in the options tab on the toolbar itself.
AdAware SE: http://www.lavasoft.de This one is the one that everyone SHOULD know about.
SpyBot S+D: http://www.safer-networking.org/en/download/index.html
Get its immunization mode running in the background, stopping the bad stuff from even getting in.
Swatit: http://swatit.org/ Bots and Trojan cleaner. It is said to be slow, but it is effective.
This is a very quick worker, and very easy to use.
Crap Cleaner http://www.ccleaner.com/
I'm adding this, as there are a lot of supposedly temp files that can be cleared away safely, that are scattered all over the drive, and this one tool will remove damn nigh all of them in one hit.
Just leave the default settings, and run it.
Spyware Blaster http://www.javacoolsoftware.com/spywareblaster.html
This is software that will stop the bad guys from even getting onto your PC in the first place. Again, it's a free download, and it's a load and forget device, even has auto-update enabled for us really forgetful types.
Another piece of software that detects when the registry is being changed, and will alert you to it, to let you decide whether to allow / disallow.
One tip: suspend Prevx protection when you are loading software, as it will question EVERYTHING that you are doing.
15 day free trial. But it works so well I PAID for it ......
This will give you a list of everything that has loaded up, and is running on your system. It will allow you to delete them, but be warned, this is a very dangerous tool if used without care. Check in AO tutorial index for instructions on use.
Itty Bitty Process Manager: It is also found at Merijn.org, to see why this has been included:
Small update: I've been seeing more and more cases of infections by trojans that kill any antivirus or antispyware programs you try to use and remove them. For such cases, I created a standalone version of the 'Itty Bitty Process Manager' inside HiJackThis. It should be a bit harder for trojans to detect, since it has no window caption. If they do start targeting it by filename, rename the executable before running it and you should be good to go.
I use Registry Mechanic, and I've recently discovered Macecraft, and their RegSupreme. Both work well, but I find RegSupreme to be the easiest of these to use.
Registry Mechanic: http://www.winguides.com/
And finally, I would advise everyone to keep their system updated with the latest patches, as and when they are available.
For Windows: http://v4.windowsupdate.microsoft.com/en/default.asp
This is for Win2K and is V4. If you are running XP, then it will be V6 as the latest, and it will download the latest software to allow you to use this version before you can get any updates.
To help keep these neat and tidy, I open a new file in Program Files, called 'Security'.
Download each tool there.
On your desktop, in the tool bar at the bottom [default position] of the screen, right click, and click on toolbars, then on 'quick launch'.
Right click inside the quick launch area, [if none seen, right click toolbar, click on 'unlock toolbar'.] select open folder, inside there, right click and select 'new folder', label it 'Security'.
Close it down, you will now have a Security folder icon in the quick launch section.
Go to the Security file, open each application, and right click on the .exe that would open it.
Select 'send to desktop'. You now have all the shortcuts on your desktop.
Click on the Security folder in quick launch, reduce the size of the window so that you can see the shortcuts, drag and drop each one into the folder. Close folder. You now have your security tools ready to use at a moment's notice ....................
Now to run our new toys:
First rule: Only run one application at a time ... Conflicts will happen if two applications are trying to clean the same fault.
You need to update each tool, prior to using it, to ensure that you are using the latest version. Remember to open, update then CLOSE each application, before you update the next one.
If you are running XP, then shut off the system restore [Right-click My Computer, select properties, then System Restore tab, then tick/check the Turn off System Restore.]
This is an application that keeps a back up of settings of your system, and if you are infected, it is possible that the restore option would 'restore' the baddies. That is the reason I say switch it off first.
However, if you are a complete novice at this, then it is in your own interest to keep the restore option working, then if you do the worst................ you CAN get out of jail free.
System Restore :
start > all programmes > accessories > system tools > system restore.
If you are going to use the restore option, you might as well set yourself a known good restore point, at least it will be back to where you began.
Check the 'create a restore point' click next ........then enter the description for the point ....... start point would do, then click create. You now have a point to return to IF it goes wrong.
Ideally you should be in Safe Mode to run these tools, as this is a mode that only starts the bare minimum of applications to get you running, and [hopefully] none of the problem programmes will start.
Safe Mode is accessed on start up, by tapping on the F8 button [some systems use F2 / F10] repeatedly, until a screen opens with a menu of safe options.
AdAware, SpyBot, Swatit and CWShredder can be run, and whatever they find is fairly safe to remove straight away.
HiJackThis and the stand alone Itty Bitty Program Manager are a little different, in that they will generate a comprehensive list of running processes on your system, then it is up to you to decide what should be there, and what should not. BE WARNED, once deleted, it's GONE. And you can do a lot of damage to your system if you do it wrong.
You can always save the file as a .txt in notepad, and post it on AO for help in deciphering what, if anything, is wrong.
The registry cleaners are another special case; these will generate a list of [to them] registry keys that can be removed. BE WARNED, do not mess with the registry at all. If you are not sure, then DON'T DO IT. Run the cleaner, then examine each entry on the list carefully.
As a quick and dirty method, I delete all those identified as obsolete, or non-existent, and I tend to take my time with the others. REMEMBER : if in doubt : DON'T. It is better to leave a suspect setting in the system, rather than remove it and find that nothing works anymore.
To finish, I like to do the windows update now. Get all the critical ones first, then do any stand alone ones [these are the ones that have to be done singularly]. Finally get any optional ones for the system, drivers etc.
I like to follow this with Defrag [Right click My Computer, select Explore, Right click on C drive, click on tools] I also do scandisk as well, [now called error checking] same place as defrag, set it to do its work automatically, click OK, the PC will then say it cannot do it now, would you like to start scandisk the next time you start windows. Click yes.
You should now be the proud owner of a cleaner, leaner, faster PC.
PS [If you are running XP, and you DID disable the system restore. Now would be a good time to start it again.]
You should also be aware that there are nowadays programmes that can and will defeat your tools, either by hiding from them, or by switching them off. This tutorial is not addressed at those; it is merely an introduction into keeping your PC as YOUR PC.
Also CuseMMA has a thread that covers this subject from a different perspective.
Worth a read to give a more rounded view of this problem.
And another way here, by brokencrow, if you wish to go about it manually.
 sorting out links
[edit 2] adding points from the posts. restore option / Google tool bar.
[edit 3] Crap Cleaner, Spyware Blaster and Prevx added.
[edit 4] link to CuseMMA's clean up thread.
[edit 5] Windows update now at V6 for XP : system restore details : update apps
[edit 6] Link to brokencrow's manual removal thread added
I'll add tools as and when I've used them, ONLY if they pass the criteria of me being able to use them EASILY AND they do what they say they will do.
One final word :
If the software is FREE, but you could afford to pay something, then DO SO.
The more people that do pay towards the cost of these tools, then the more these people will develop their tools.