| How to remove spyware
|
|
Malicious software goes by many names: Spyware, worms, viruses, Trojans, Adware, keystroke loggers, pests, and more. "Spyware" often is used to mean all malicious software other than viruses. I prefer the term "malware" as it\'s a bit more descriptive. This page is for removing any type of malware.
The following is a blueprint for removing any and all malicious software from an infected Windows computer. This is not customized for a particular malware program, but applies to all malicious software. The intended audiences here are computer nerds and, as such, some introductory details have been omitted. It\'s more a cheat-sheet than a tutorial. If you are not a computer nerd and think your computer may be infected (see Symptoms section below), tell your local techie about this page.
The goal described below is to remove the malware from Windows. This should not, however, be the goal in all instances.
Depending on the circumstances, the correct approach might be to wipe the hard disk clean and re-install or recover Windows. A clean install is the only 100% guaranteed way to return the computer to a fully functioning state. If the computer is used for anything judged to be important, a clean install is probably called for. Likewise, it it\'s used for home banking a clean install may be the best approach. Also, a clean install takes only so much time. The procedure described below can drag on and on...
How to remove spyware
Scan, reboot, repeat
Scan the system with the anti-spyware scanner and allow it to remove any adware/spyware it finds. Then reboot the PC, regardless of whether you were prompted to do so by the scanner
After the reboot, and before reconnecting to the Internet, scan again. If the scanner still reports signs of infestation, allow it to remove any traces and reboot again. After the reboot, scan a third time. If the scanner still reports signs of spyware and adware, or you still feel there are traces not being detected by the scanner, the following tips will help.
Use Safe Mode
Spyware and adware vendors often use resuscitators, files that work to keep the adware/spyware infection active no matter how hard you - or the scanners - try to remove it.
Booting into Safe Mode causes allows only the most essential processes to activate. While this won\'t guarantee all adware/spyware resuscitators will be killed, it does ensure the vast majority will be. (See How to Boot Into Safe Mode). Once in Safe Mode, open your anti-spyware scanner and run a complete scan, allowing it to remove any traces of infection found.
Undo the Damage
After removing the active infection, you\'ll need to make sure it won\'t simply reintegrate itself when the system is reconnecting to the Internet.
After the scan is complete, reset your browser start and home pages. (See Resetting Internet Explorer Settings).
Next, ensure your HOSTS file hasn\'t been hijacked. (See Protecting the HOSTS file)
Make sure undesirable websites haven\'t been added to your Trusted Sites Zone. (See How to Check Your Trusted Sites List)
Check the Add/Remove Programs and uninstall any applications you recognize as being associated with the Adware and/or spyware.
After following the tips above, reconnect the phone line or cable to the modem, reboot the PC normally, and access the Internet. If you still feel you are infected with Adware or spyware, use HijackThis to capture a log of pertinent system areas. TomCoyote.org provides a tutorial on how to use HijackThis, as well as providing a direct download link for the program. Depending on your level of experience, you can either review the log looking for signs of infection or post the log to the TomCoyote forum for assistance.
An ounce of prevention
The best spyware and Adware remedy is avoiding the infestation to begin with. For tips on prevention, see Preventing Adware & Spyware.
How to remove spyware >
|
|
