Get Rid of Spyware
July 19th 2006 17:46
Some of you have probably come across spyware that could not be removed by a mere antivirus scan. Well, before you start trashing your PC, try following these couple of steps and see if it is removable.
1. Start your PC in “Safe Mode”. To do this, reboot your PC and before the Windows XP loading screen appears, hit the “F8” key (you can do this a couple of times just to be sure). Then select “Safe Mode” (its safer than safe mode with networking) and wait for windows to load up
2. Clear your temporary files. The files should be located in “C:\Documents and Settings\Username\Local Settings\Temp” and “C:\WINDOWS\Temp”. In actual fact, there are a LOT more “temp” folders, but these should suffice and are the areas which most malware attack. Also clear your temporary internet files. This can be done from your browser (Select “Tools-Options”). One tool that I found particularly easy to use was the ATF Cleaner by Attribune. It does all of the above and slightly more. I suggest if you do not know a lot about “temp” folders and files, use The ATF Cleaner.
3. Scan and remove spyware using an anti-spyware program. I personally like Spybot Search and Destroy, but if you have other preferences, by all means use them. Heck it would be good if you can use more than one.
4. Do an antivirus scan. Just use your own antivirus software and scan your PC. If you don’t have one, free programs such as AVG and Avast are available for download. Just make sure that you have the latest versions of the virus databases (you should have done this before restarting in “safe mode”)
5. Use a tool called HijackThis. A tutorial on how to use this tool can be found here. If you are not sure of what most of them are, there are a lot of forums out there that lets you post your log and ask for help, so Google is your best friend here (although you probably have to do this on another PC, as the current “safe mode” does not allow you to connect to the internet, and for good reason too).
6. If you think that’s not enough, get a program like Sysinternals Process Explorer to view what processes are abnormal. You can then kill the application and delete the corresponding file that seems to be causing the problem.
7. Once you're done, restart your PC normally and redo step 5. It would also be good if you can do an online scan. Panda and TrendMicro have pretty good online scanning services.
Note that steps 5 and 6 takes a little bit of know-how to get around; if you are unsure of doing these steps, ask assistance from someone who does.
1. Start your PC in “Safe Mode”. To do this, reboot your PC and before the Windows XP loading screen appears, hit the “F8” key (you can do this a couple of times just to be sure). Then select “Safe Mode” (its safer than safe mode with networking) and wait for windows to load up
2. Clear your temporary files. The files should be located in “C:\Documents and Settings\Username\Local Settings\Temp” and “C:\WINDOWS\Temp”. In actual fact, there are a LOT more “temp” folders, but these should suffice and are the areas which most malware attack. Also clear your temporary internet files. This can be done from your browser (Select “Tools-Options”). One tool that I found particularly easy to use was the ATF Cleaner by Attribune. It does all of the above and slightly more. I suggest if you do not know a lot about “temp” folders and files, use The ATF Cleaner.
3. Scan and remove spyware using an anti-spyware program. I personally like Spybot Search and Destroy, but if you have other preferences, by all means use them. Heck it would be good if you can use more than one.
4. Do an antivirus scan. Just use your own antivirus software and scan your PC. If you don’t have one, free programs such as AVG and Avast are available for download. Just make sure that you have the latest versions of the virus databases (you should have done this before restarting in “safe mode”)
5. Use a tool called HijackThis. A tutorial on how to use this tool can be found here. If you are not sure of what most of them are, there are a lot of forums out there that lets you post your log and ask for help, so Google is your best friend here (although you probably have to do this on another PC, as the current “safe mode” does not allow you to connect to the internet, and for good reason too).
6. If you think that’s not enough, get a program like Sysinternals Process Explorer to view what processes are abnormal. You can then kill the application and delete the corresponding file that seems to be causing the problem.
7. Once you're done, restart your PC normally and redo step 5. It would also be good if you can do an online scan. Panda and TrendMicro have pretty good online scanning services.
Note that steps 5 and 6 takes a little bit of know-how to get around; if you are unsure of doing these steps, ask assistance from someone who does.
| 51 |
| Vote |
Subscribe to this blog
