Removing Spyware and Trojans from Your Windows Home Computer
Not only do we get daily client calls about spyware, but after work, people are lined up at our apartments looking for help with this same issue. We're going to look at some easy ways to identify, remove and protect against spyware infestations. In the category of "spyware," we include all invasive and uninvited programs from trojans to viruses to adware.
If your computer is running slowly, or you notice pop-up windows appearing even when you're not web browsing, you may have spyware. To find out what spyware you have, you'll want to download the following spyware cleaners, and then unplug your network cable (the one that leads from your computer to your DSL or cable modem). Why unplug? Most of these programs report home for instructions, or will reload themselves. Even more, they can be wrecking someone else's machine while you're trying to fix your own, so be a good citizen and yank the cord.
You may find that your computer is being directed to the same old sites by pop-ups. There's a quick way to cure this. Keeping your network cable unplugged, go to the Start menu, select Run and type "command". A black box will come up where you can type DOS commands. Enter:
C:\> notepad \windows\system32\drivers\etc\hosts
This assumes that your Windows 2000 or XP software is installed into C:\windows; if not, substitute the appropriate name.
The hosts file has a header, and then a list of sites in the form:
The numbers on the left are IP addresses; the words on the right are Internet addresses. Normally, your computer has to connect to another computer to look up the number address for a site name so it can connect to that site. Your computer checks the hosts file before doing that lookup, and sneaky spyware puts its own addresses into the hosts file to make this process faster. Highlight any lines containing the names of sites you've seen in your pop-up windows, and delete them, then save the file. This will spare you some agony when you reboot.
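The same check can be done mechanically. The following Python sketch is an added example, not part of the original guide: it parses hosts-file text and reports every entry other than the normal localhost line, so you can compare the names against the sites in your pop-ups. The sample file, its names and its addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file; names and addresses are illustrative only.
SAMPLE_HOSTS = """\
# constructed header comment
127.0.0.1       localhost
203.0.113.7     search.example.com  www.search.example.com  # constructed redirect
0.0.0.0         update.av.example
not-an-ip       broken.example
"""

def parse_hosts(text):
    """Yield (line_no, address, [names]) for each mapping line."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        body = raw.split("#", 1)[0].strip()   # drop comments and padding
        if body:
            fields = body.split()
            yield line_no, fields[0], fields[1:]

def audit_hosts(text):
    """Return (line_no, address, names, reason) for every non-stock entry."""
    findings = []
    for line_no, ip, names in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((line_no, ip, names, "malformed address"))
            continue
        if addr.is_loopback and all(n.lower() == "localhost" for n in names):
            continue                          # the normal localhost entry
        if addr.is_loopback or addr.is_unspecified:
            reason = "name pointed at this machine"
        else:
            reason = "name redirected to " + ip
        findings.append((line_no, ip, names, reason))
    return findings

if __name__ == "__main__":
    for line_no, ip, names, reason in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {' '.join(names)}: {reason}")
```

To audit a real machine, pass the contents of \windows\system32\drivers\etc\hosts to audit_hosts() instead of the sample text.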
Please download the following free software before unplugging your machine from the Internet.
Then yank the ethernet cable from your cable modem or DSL modem. Now you're ready to excise some parasites.
The first piece of software you want is Ad-Aware. This monitors for a number of low-level threats. Since spyware rarely comes singly, you'll be able to use this to knock out the more obvious annoyances and focus on the real threats. Install it, and run it to remove basic threats. It will flag a number of non-lethal infections, like tracking cookies from known spam/spy sites, but it's not a terrible idea to nuke these as well. Rip 'em all out.
Spybot Search and Destroy
A more muscular program for spyware and malware specifically is Spybot SD. Install this, and run a system scan; you can remove everything it offers as a possible source. When it has removed everything on your system, run it again, to see if you have any persistent infections. Make note of anything that occurs in both scans.
Internet Explorer helped all of us out by standardizing the web to a single way of interpreting HTML, but unfortunately, it also has some problems. Opera is more stable and secure, and free. There are tools to migrate over your bookmarks and settings from IE.
A firewall is a program that watches over internet connections to your machine, and filters out the ones you designate as bad. Kerio lets you not only block most incoming traffic, but select which programs you allow to send outbound traffic as well. Install it, and reboot.
If you ran Spybot SD and it found security holes after you ran it the first time, you've probably got some gnarly spyware on there. This is where you may have to let an experienced user help you out. There's no quick and simple fix, but the basic process is to identify the program causing problems. You may be able to do this by pressing Control-Alt-Delete, selecting Task Manager, and looking for unusual programs.
A good guide to identifying programs running on your machine:
If you spot anything, remember the name of its program, and look it up here:
There are specialized tools on that site for some infections, and others will tell you how to remove resistant malware. Generally, you'll end up editing the Windows registry, then deleting or moving the software in question; in some cases, you'll have to reboot into command line mode or Safe Mode to remove these programs. There's no way to detail all of this in a short guide, so if you don't know what you're doing, call in the help.
Making Your System Spyware-Proof
When you installed Mozilla and Kerio, you took the two biggest steps toward making your system secure. Internet Explorer has too many holes to patch, and when you do lock it down for a sensible security setting, it bombards you with error messages about what it can't run on web pages. This seemingly blockhead strategy probably reflects confusion and bureaucracy at Microsoft. It's not clear whether it's time to ditch Microsoft stock or not, but it's clear that it's time to ditch Explorer.
Running a firewall helps. Kerio Personal Firewall is one option, but others are Norton, ZoneAlarm, Sygate and the Windows XP built-in firewall. Our experience suggests Kerio is the best. It runs with all features, free and legally, for thirty days, and after that the firewall is free but the added features require you to register. That's up to you. If you want to test your firewall, and to look for any weird applications that might be listening for orders from their infernal homebases, use this utility:
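Separately from that utility, listening programs can also be listed by hand. This Python sketch is an added example, not part of the original guide: it parses text in the layout printed by the Windows command `netstat -ano` and returns the sockets that accept traffic from other machines, with the owning process ID. The sample output below is constructed.

```python
# Constructed sample in the layout printed by `netstat -ano` (Windows XP and later).
SAMPLE_NETSTAT = """\

Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       932
  TCP    127.0.0.1:1028         0.0.0.0:0              LISTENING       1520
  TCP    192.168.1.20:1045      198.51.100.9:80        ESTABLISHED     2044
  TCP    0.0.0.0:8087           0.0.0.0:0              LISTENING       2044
  UDP    0.0.0.0:1900           *:*                                    1188
  UDP    127.0.0.1:1031         *:*                                    1520
"""

def parse_netstat(text):
    """Turn each TCP/UDP row into a dict; header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or f[0] not in ("TCP", "UDP"):
            continue
        # UDP rows have no State column, so the PID is always the last field.
        state = f[3] if f[0] == "TCP" and len(f) >= 5 else ""
        host, _, port = f[1].rpartition(":")
        rows.append({"proto": f[0], "host": host, "port": int(port),
                     "state": state, "pid": int(f[-1])})
    return rows

def exposed_listeners(text):
    """Return sorted (pid, proto, port) for sockets reachable from the network."""
    found = []
    for r in parse_netstat(text):
        # A bound UDP socket receives datagrams, so treat it like a listener.
        waiting = r["state"] == "LISTENING" or r["proto"] == "UDP"
        local_only = r["host"].startswith("127.") or r["host"] == "[::1]"
        if waiting and not local_only:
            found.append((r["pid"], r["proto"], r["port"]))
    return sorted(found)

if __name__ == "__main__":
    for pid, proto, port in exposed_listeners(SAMPLE_NETSTAT):
        print(f"PID {pid} is waiting for {proto} traffic on port {port}")
```

Match each PID against the PID column in Task Manager to see which program owns the socket, then decide whether your firewall should allow it.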
It doesn't hurt to run anti-virus software, but one recommendation is to configure the software to scan only when you double-click it. Virus scanners that run in the background cause more problems than they're worth. They tend to slow down your machine, interfere with installations, and often crash other software. The best advice here is to run your software after any new download, or to set up Windows to run your anti-virus software nightly, after all possible users have gone to sleep.
Finally, stay on top of operating system updates from Microsoft:
These small ways of securing your system make it more difficult for spyware, malware, viruses and trojans to infest you, and also make your system more difficult for run-of-the-mill crackers to penetrate. We could write a book on Internet security for the home, but we'd rather give away this textfile. Although there's a fortune to be made in helping people delete spyware and secure their systems, it's more important that people be able to use and enjoy their computers without fear. Thanks for reading.
Copyright © 1995-2010 Dionysius Studios, Houston, Texas