I was reading through another post here, by ANMMark I believe, about an encounter with spyware and how he stopped it. It was a post back in 2004 so heres some new up-to-date software and prevention tips.
First of all i'd like to start with some quick definitions:
Virus: Any program that replicates itself.
Trojan: A program or script that comes in a form that hides its true identity and purpose, or slips in by a hidden method.
Hijacker: A program or script that changes system settings, can change internet settings, and reroute web pages.
Spyware: Small programs which attempt to monitor your habits on the internet. While some spyware will attempt to stay hidden from detection, some will make it's presence known through popup advertisements related to your websurfing habits. While spyware companies claim the software is harmless, infected consumers suffer annoying advertisements, slowdowns, crashes, and other problems.
Worm: A virus that attempts to replicate itself though networked computers using shared files/drives, or vulnerabilities in the operating system.
Keyloggers: Programs that log keypresses, used to steal passwords.
Malware: Software designed specifically to damage or disrupt a system. Can also be software that features deceptive licenses and tricks the user into installing unwanted programs alongside purposely installed software.
Main reasons of infection:
1.) Watch what your downloading! Many freeware programs come with a huge amount of spyware. Stay away from P2P sharing programs such as Kazaa, Imesh, limewire, etc. If your looking for a good sharing program spy/adware free I would recommend Ares Lite or DC ++
2.) Keep current with system updates, run windows update on a daily basis and download all of the security files. If you do plan to continue using IE then make sure you have the latest version and all the correct patches as well. I would highly recommend downloading firefox though because most spyware isn't designed for Mozilla/firefox browsers. Despite some recent security issues that has already been patched, Firefox seems to remain on of the most secure and functional browsers that I have used.
If you still don't want to switch over to fire fox then...
Go to Internet Options > Security > Internet, press 'default level', then hit OK. Now press "Custom Level." In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to 'prompt', and 'Initialize and Script ActiveX controls not marked as safe" to 'disable'.
Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed. Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Options/security. Why is ActiveX so dangerous? When your browser runs an ActiveX control it's running an executable, thats no different then downloading a .exe file and installing it yourself.
10 very useful programs:
1.) JavaCool's Spyware Blaster It will protect you from all spyware in it's database by blocking installation of their automated scripts. Download and install, get the latest updates, and then you'll see a list of all spyware programs covered by the program (this is NOT spyware found on your computer) Press "select all", then "kill all checked", and you're done.
2.) Lavasoft's Ad-Aware This is a very good program that picks up a lot of traces of spyware, tracking cookies, etc. There are frequent updates and evolution of the program. The personal version is free and provides all the basic scanning protection, if you want to spend a few dollars extra, I would recommend upgrading to Ad-Aware plus.
3.) Spybot: Search & Destroy A very quick scan that picks up some things Ad-aware does not.
4.) HijackThis Picks up processes running in the background that your normal scanner/virus protection does not. This really should only be used in extreme cases when you can't get rid of something with other methods. If you do not know anything about your system files I would recommend consulting an expert before deleting anything, you could instantly destroy some system files that you need to operate windows.
5.) CWShredder A small utility to remove CoolWebSearch, YouFindAll, Wwwsearch, and a dozen other names. Spybot and Ad-aware tend to forget essential parts, so until they update, you can use this to completely remove CWS.
6.) In extreme cases use LSPFix it's used to fix internet connections broken by spyware. Definately keep this one on your arsenal. I put mine on a floppy disk as a form of insurance when cleaning my system of spyware.
7.) ProcRecon this has a extremely useful tool, which attempts to stop all unneccesary programs running with one click of a button.
8.) Run a firewall to protect against worms and hackers. What firewall you use is up to you. My personal recommendation is ZoneAlarm.
9.) Run Daily/Weekly virus scans. I would recommend Norton AntiVirus or AVG Antivirus, these are both excellent programs. Norton is a bit better, but AVG is available as a free download.
10.) Use an online virus scan , these pick up some viruses that the above do not, they pick up mostly newer viruses. The definition list is smaller and does not pick up a lot of the older viruses that you may be at risk from.
I've done everything you said but it won't let me remove this/it keeps going back!
Relax, your computers not done yet. Try logging off and back on to your user account, don't open up any browsers, then run your scans. If this still does not work, reboot your computer, go into safe-mode, and run all the tools I posted above.
Good luck! Feel free to add comments and other suggestions.
*Sources from various posts at TechSupportGuy.
First of all i'd like to start with some quick definitions:
Virus: Any program that replicates itself.
Trojan: A program or script that comes in a form that hides its true identity and purpose, or slips in by a hidden method.
Hijacker: A program or script that changes system settings, can change internet settings, and reroute web pages.
Spyware: Small programs which attempt to monitor your habits on the internet. While some spyware will attempt to stay hidden from detection, some will make it's presence known through popup advertisements related to your websurfing habits. While spyware companies claim the software is harmless, infected consumers suffer annoying advertisements, slowdowns, crashes, and other problems.
Worm: A virus that attempts to replicate itself though networked computers using shared files/drives, or vulnerabilities in the operating system.
Keyloggers: Programs that log keypresses, used to steal passwords.
Malware: Software designed specifically to damage or disrupt a system. Can also be software that features deceptive licenses and tricks the user into installing unwanted programs alongside purposely installed software.
Main reasons of infection:
1.) Watch what your downloading! Many freeware programs come with a huge amount of spyware. Stay away from P2P sharing programs such as Kazaa, Imesh, limewire, etc. If your looking for a good sharing program spy/adware free I would recommend Ares Lite or DC ++
2.) Keep current with system updates, run windows update on a daily basis and download all of the security files. If you do plan to continue using IE then make sure you have the latest version and all the correct patches as well. I would highly recommend downloading firefox though because most spyware isn't designed for Mozilla/firefox browsers. Despite some recent security issues that has already been patched, Firefox seems to remain on of the most secure and functional browsers that I have used.
If you still don't want to switch over to fire fox then...
Go to Internet Options > Security > Internet, press 'default level', then hit OK. Now press "Custom Level." In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to 'prompt', and 'Initialize and Script ActiveX controls not marked as safe" to 'disable'.
Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed. Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Options/security. Why is ActiveX so dangerous? When your browser runs an ActiveX control it's running an executable, thats no different then downloading a .exe file and installing it yourself.
10 very useful programs:
1.) JavaCool's Spyware Blaster It will protect you from all spyware in it's database by blocking installation of their automated scripts. Download and install, get the latest updates, and then you'll see a list of all spyware programs covered by the program (this is NOT spyware found on your computer) Press "select all", then "kill all checked", and you're done.
2.) Lavasoft's Ad-Aware This is a very good program that picks up a lot of traces of spyware, tracking cookies, etc. There are frequent updates and evolution of the program. The personal version is free and provides all the basic scanning protection, if you want to spend a few dollars extra, I would recommend upgrading to Ad-Aware plus.
3.) Spybot: Search & Destroy A very quick scan that picks up some things Ad-aware does not.
4.) HijackThis Picks up processes running in the background that your normal scanner/virus protection does not. This really should only be used in extreme cases when you can't get rid of something with other methods. If you do not know anything about your system files I would recommend consulting an expert before deleting anything, you could instantly destroy some system files that you need to operate windows.
5.) CWShredder A small utility to remove CoolWebSearch, YouFindAll, Wwwsearch, and a dozen other names. Spybot and Ad-aware tend to forget essential parts, so until they update, you can use this to completely remove CWS.
6.) In extreme cases use LSPFix it's used to fix internet connections broken by spyware. Definately keep this one on your arsenal. I put mine on a floppy disk as a form of insurance when cleaning my system of spyware.
7.) ProcRecon this has a extremely useful tool, which attempts to stop all unneccesary programs running with one click of a button.
8.) Run a firewall to protect against worms and hackers. What firewall you use is up to you. My personal recommendation is ZoneAlarm.
9.) Run Daily/Weekly virus scans. I would recommend Norton AntiVirus or AVG Antivirus, these are both excellent programs. Norton is a bit better, but AVG is available as a free download.
10.) Use an online virus scan , these pick up some viruses that the above do not, they pick up mostly newer viruses. The definition list is smaller and does not pick up a lot of the older viruses that you may be at risk from.
I've done everything you said but it won't let me remove this/it keeps going back!
Relax, your computers not done yet. Try logging off and back on to your user account, don't open up any browsers, then run your scans. If this still does not work, reboot your computer, go into safe-mode, and run all the tools I posted above.
Good luck! Feel free to add comments and other suggestions.
*Sources from various posts at TechSupportGuy.
