Cleaning up spyware 101
Every tech fears the dreaded question: “Hey, can you check out my computer?” Family get-togethers, stopping by a friend’s house, sneaking into work — the question may appear at any time. The computer is running slow, or displays random errors. Popup windows abound. It must be time for a dreaded spyware cleanup.

Spyware and malware installations are perhaps the biggest menace to personal computing today. While spyware has the seemingly innocuous, annoying task of monitoring browser habits to show advertising, malware goes a step further with the threat of adding keystroke loggers, backdoors to your computer, or any of a host of other nefarious purposes. Whether it’s the former or the latter, both will cause a computer to run slower, break functionality, or otherwise ruin a day of computing.

Programs like this can get installed via web pages that integrate an installer; via misleading popups claiming that your system might be at risk; or even bundled with programs downloaded from the web. The average user’s computer is likely to have been infected with spyware / malware at some point.

Any tech knows that basic spyware cleanup is easy. It’s annoying to do, especially if you have to do it over and over. Some techies might even put up a web site with an article on it, just to avoid having to do it yet again. (Ahem.)

One would hope that you would just need to download a program, run a scan, and be all set. It couldn’t be that easy, could it? Well, actually, yes, it can. What’s more, it’s free. There is an entire cottage industry of techs who make a decent living out of cleaning up spyware, and yet the basics cover the majority of problems.

I recommend that you scan your computer with three different programs. Each one takes a different approach to combatting spyware / malware, and by running all three, you can be fairly certain you’ve cleaned up most of it.

Warning: Some programs may break if you clean off spyware.
As some programs require spyware to function (most notably, free downloadable games), cleaning this stuff up may break them. However, given that the alternative is a pretty unusable computer in most cases, this seems like a fair tradeoff.

Let’s begin!

Step 1: Scan with Microsoft Anti-Spyware (Beta).

Download the above, and run the installer. Launch it, and the Setup Assistant will guide you through the initial setup. Go ahead and enable the AutoUpdater to keep the program up to date. Additionally, enable the Real-time Security Agent, which helps make sure that you’re notified if a program tries to do something to your computer.

What about SpyNet? Arguable. If you’re paranoid and concerned about privacy, say “No”; some information about what you’re running and rejecting gets sent to a networked community to build the spyware database. It’s a good thing[tm] to contribute to the community, but your specific needs may vary.

You should also decide whether you want to run a scan every night at 2am. I would recommend letting the program do this, but your needs may vary.

Go ahead and Run Quick Scan Now. Depending on how many files you have, this might take a while. The program is scanning through your computer’s running processes, registry, and files. If anything is found, the program will give instructions for how to clean up the problems. Close out the program when done.

Step 2: Scan with Ad-Aware SE Personal.

Lavasoft’s Ad-Aware has been the standard for spyware scanning for years. While not perfect, it does a great job of catching most spyware / malware.

When finishing the install, select to “Perform a full system scan now”, as well as to “Update definition file now”. You can leave the option to open the help file if you’re curious, but it’s not necessary. The first thing that happens is Ad-Aware will connect to the Internet to search for updates. After that, the main window will open.
Select the Start button in the lower right, then select to “Perform smart system scan”. Selecting the bottom two checkboxes (negligible and low-risk threats) is optional, as these probably do not represent spyware or malware per se.

After scanning, select the Critical Objects tab, and check all the items here. Hit next, and it will confirm that you want to remove those items. Removing the negligible items as well will probably not affect things too negatively, but your main concern is the critical objects. Close out of Ad-Aware, as you’re finished with it.

Step 3: Scan with Spybot Search & Destroy.

During installation, make sure to select to “Download updates immediately”. Do not use system settings protection (TeaTimer), as you should already have Microsoft’s AntiSpyware running. You might as well enable Internet Explorer protection (SDHelper), as that is the primary source of most spyware / malware. Note that if you do, Windows AntiSpyware will alert you, and ask you to Allow this.

Upon first run, you’ll be asked to make a registry backup. This is always a good idea before messing with the registry, so go ahead and do so. You’ll know this is done because the Next button will be enabled again.

You should now have a screen with two options: “Search for updates”, and “Download all available updates”. Click the first button to find available updates, then the second to actually download them. When that finishes, select Next, and you should have the option to “Immunize this system”. Clicking this button will prevent known spyware / malware from infecting your system, so do so. Click Next, and an option to “Start using the program” should be available. Click that, and you’re in the main window for Spybot.

In the left hand pane should be an item marked “Search & Destroy”. Click that, and in the right pane should be a button for “Check for problems”. Click this, and a scan will begin. Once the scan completes, the results are displayed in the window.
If you would like more information, click on one of the items, then click on the right side of the pane (where you should see a bar with two arrows pointing to the left) to see a description, which is not always available. Click the “Fix selected problems” button at the top, and the problems should disappear. Close out of Spybot, because you’re done with it for now.

Step 4: Change your habits.

Your system should be pretty clean at this point, so from here on, it’s a matter of prevention. Some quick tips:
- Switch to using Firefox as your web browser. Most spyware / malware results from flaws in Internet Explorer’s security. While Firefox isn’t perfect, most spyware / malware targets IE.
- Don’t install programs without thinking. Who is providing the program? If it’s Yahoo, you’re probably okay. If it’s a company you never heard of, perhaps you should do a little more digging. If a program has an End User License Agreement (EULA), read it. Quite often, these spell out right in the terms that spyware may be installed.
- Don’t be fooled by popup windows. If it’s an offer in a popup window, you’re probably not that interested anyway. Plus, a good amount of spyware is installed in this manner.
- Periodically scan for spyware / malware. You now have three programs installed for scanning. Use them all. Just make sure to do an update first — new spyware and malware is coming out all the time, so be sure you’re up to date.
While the above instructions will take care of 99% of spyware / malware cases, they don’t handle them all. If everything runs great after doing the above, pat yourself on the back. You’ve taken steps to fix your computer on your own. Feels great, doesn’t it? However, spyware / malware writers are clever, and getting more clever every day. If the above doesn’t fix all of your problems, then you’ll probably have to dig deeper — but that’s an article for another day.