How to beat spyware and viruses, 2008 edition

Wed Apr 2, 2008 11:46AM EDT

See Comments (169)

The last time I wrote a piece on how to remove spyware from your computer was in 2006. Time for an update, I think. Here's my perennial "How to Beat Spyware" howto, revised and updated for 2008 (and combined into a single file instead of two parts).

Here's what to do if you suspect an infection on your Windows PC. (Please note these steps apply to both Windows XP and Vista.)

1) Are you sure it's spyware or a virus? Windows pop-ups and alerts can often seem invasive enough to be viruses, especially with Vista. Try searching the web for the exact text you see on the screen to make sure you aren't dealing with an aggressive Windows message. (Many of these can be turned off, so try whatever instructions you find.) On the other hand, some viruses masquerade as Windows alerts, so tread lightly.

2) Boot in safe mode. If you have a virus, first step is to try booting in safe mode. You can get to safe mode (a simplified version of Windows that disables a lot of extra gunk, possibly including some spyware apps) by restarting your PC and tapping F8 during boot. Soon you'll get a menu of options. Select "Safe Mode" (it's at the top of the menu) and wait for the machine to fully boot. The system will look funny (with a black background and larger icons, probably), but don't worry about it. This is only temporary. (Also note that many spyware applications can disable safe mode, so if you find this doesn't work, just boot normally.)

3) Run your antivirus application. This is of course assuming you have an antivirus application. (Need one? Check here.) You're in safe mode now, so run a full scan of your PC at maximum security levels (include the option to scan within compressed files, for example). This will probably take an hour or more, so be patient. Fix any problems the virus scan turns up. Then reboot into safe mode again using the procedure in step 2.

4) Run one or two anti-spyware applications. I used to recommend running multiple anti-spyware apps, but virtually all antivirus apps now do a pretty good job at getting rid of spyware too, so you don't need an army of additional applications just for spyware. Also, I now recommend starting with AdAware (which is free) and moving on to Spyware Doctor (free as part of the Google Pack) if you feel you need additional help. (Please note that recent versions of Spyware Doctor and Norton Antivirus have some trouble with each other.) You can try other apps too, but the once-recommended SpyBot Search & Destroy is no longer very effective, sadly. (Neither is Microsoft's own Windows Defender.) Of course, fix anything and everything these apps find.

5) Reboot normally. (Not in safe mode.) Now take stock. Still got spyware? It's time to move along to my more advanced techniques for removing the nasties.

6) Run HijackThis. HijackThis is a free software tool that scans your computer to find malware that other apps might miss. Scroll down to "Official downloads" to download the tool. Next, simply open the ZIP file you downloaded, extract the application, and run the tool (you don't need to install it). Click the "Do a system scan and save a logfile" button. You'll receive a large text file as well as a dialog box which gives you a list of active software processes, which you can then choose to delete. Unfortunately, this list includes both helpful and unhelpful software, so don't just start deleting items. Continue in step 7 to figure out how to fix your spyware infection.

7) Post your log file online. Visit this page, which offers a list of forums staffed by volunteers who can help you interpret your HijackThis log. The SWI Forums are especially busy, but most of the forums on the list are equally apt. Go to SWI and visit the "Malware Removal" forum which has over 50,000 topics listed: Those are all people like you who are seeking help getting rid of spyware. Register for an account, read the FAQ, then visit that Malware Removal forum, and post a new topic. Paste the content of the text file you created in step 5 into this topic and (politely) ask for help. You will get a response from a volunteer helper, typically within 3 days. You'll be given specific advice on what entries to remove with the HijackThis tool, and you might be pointed to additional software to run to help remove common spyware infections. Follow all the instructions and keep working with the forum helpers until either you or they give up. (And no, don't send your log file to me or post it here. I am not nearly the spyware removal expert that these guys are.)

7a) Alternately: Paste your log file into an automated tool. Don't have three days? Try simply pasting your HijackThis log file into this form. It does a pretty good job at auto-analyzing what's wrong with your machine, with no waiting. As well, if that doesn't work, you can search for the items you find in the HijackThis log by name to see what they are and how to remove them, if they're spyware. This can be quite time consuming, though.

8) Try System Restore. If that doesn't work, you might try running Windows System Restore to roll back your OS to a time before the infection happened. This isn't foolproof: You might not have System Restore turned on, or the spyware might have shut System Restore off, as well. But it's worth a shot. With either XP or Vista, System Restore can be found under Start > All Programs > Accessories > System Tools > System Restore.

9) Give up and wipe your hard drive. At this point, you've exhausted all the options I know of. You might try again at steps 6/7 to make sure you've done everything you can to salvage the PC. Forum helpers will often work with you for weeks to help fight a spyware infection, but there are tens of thousands of possible variants out there, with new ones cropping up every day. It's just not possible to clean them all, every time. Sometimes the only thing you can do is call it quits, reformat your hard drive, and reinstall your OS. Again, make sure you have your backups ready and verified. Once you're up and running, reinstall your antivirus and anti-spyware applications, and stay vigilant against infection. Good luck.

Comments on How to beat spyware and viruses, 2008 edition

Post a Comment

Join in the discussion. Here you'll see the comments in the order they were posted.

  • 26 Posted by sharkcohen on Thu Sep 3, 2009 9:17PM EDT Report Abuse

    Migrate to Linux. I haven't had trouble with spyware or viruses in 2 years, and I don't run an antivirus. www.ubuntu.com

  • 27 Posted by bearcat_9425 on Thu Sep 3, 2009 3:04PM EDT Report Abuse

    No OS is immune to Viruses or spyware, the only sure way to rid yourself of these is to completely unplug. Linux users and OS 10, those are great OS's and yes atm your safe, only cause your a minority. When those OS's come to wide use be ready for attacks.

  • 28 Posted by blazeblackheart on Thu Sep 3, 2009 3:09PM EDT Report Abuse

    You can do all of these things and still have spyware. My suggestion is to get a Mac. :)

  • 29 Posted by cocoapuph on Thu Sep 3, 2009 3:28PM EDT Report Abuse

    ESET's NOD32 antivirus is by far the best software out there... I have never had a problem (knock on wood) with any virus, spyware, etc.

  • 30 Posted by gmcds2005 on Thu Sep 3, 2009 4:10PM EDT Report Abuse

    If you decide to use the HiJackThis software another place to get reasonable fast help is PCGuide.com. This site is awesome and has many very experienced members that can take you step by step through any, ANY computer fix you may have. I have been a member for several years and would reccommend it to anyone.

  • 31 Posted by annwithane1 on Thu Sep 3, 2009 2:55PM EDT Report Abuse

    It's called an Apple. Get one. You'll never regret it. Some say they're pricey but you get what you pay for and perfection comes with a price. Get this..they COME with spyware protection (among a ton of other built-in software)!!!!! PC users don't understand this earthy concept.

  • 32 Posted by sfedelem on Thu Sep 3, 2009 9:14PM EDT Report Abuse

    STEP 1: SCAN COMPUTER FOR INFECTIONS 1. The most important thing you can do is make sure you know what you%

  • 33 Posted by cwill03882 on Thu Sep 3, 2009 3:33PM EDT Report Abuse

    If your a novice or are already afflicted with a hard to get rid of spyware or virus on your PC. You can go to a website like www.bts-helpdesk.com and have a technician remotely repair your computer. All you need is internet access. That's what I do when I have this sort of problem, I let them take care of it and 2 hours later I'm good to go, no trips to the shop for me. But good anti-virus and spyware is needed to avoid constant problems. But everyone has there own opinion of which ones are best, try a few well known ones and see what works best for you.

  • 35 Posted by bamyers4az on Thu Sep 3, 2009 3:01PM EDT Report Abuse

    The author gives up too soon. One step which saved me was to run a disk free space cleaning program while still in safe mode, but after running the anti-virus.

  • 36 Posted by mbarnett56 on Thu Sep 3, 2009 7:12PM EDT Report Abuse

    I'm with soquelcalifornia. I've driven a Studebaker since 1954. No one has ever tried to steal it. Frankly, I don't think anyone knows how. What self-respecting car thief would learn how to steal one when there are so few of them? It would be as silly as a virus writer coming up with a virus for a Mac, when there is such a huge percentage of them compared to Windows based PCs. /end sarcasm

  • 37 Posted by oldhawk113 on Thu Sep 3, 2009 7:44PM EDT Report Abuse

    The number one way to avoid spyware and viruses to to stop using Internet Explorer. Firefox and Opera are much safer browsers. Next use your head. If you get a popup telling you that you are infected with spyware and click a link to get rid of it DON%

  • 38 Posted by koolkat1939 on Thu Sep 3, 2009 4:53PM EDT Report Abuse

    Thank You I found this very informative please post more on this ; since new bugs,viruses,spyware & adware is created every day.

  • 39 Posted by sitefactor on Thu Sep 3, 2009 9:25PM EDT Report Abuse

    Glad to see so many Pro-Mac people on here. Those who still fight the Windows-Mac War, we can easily hold down option and boot in to Windows now, we have both on the same machine.(thank you Intel) Don't hang on the dark side (XP) because that's where they are making popcorn, dude. Pop -pop-pop woops, hold on, that's just Windows reminding me that my computer may be at risk. Please enjoy Firefox browser for a secure Internet experience: get yours free along with Google toolbar at www.GetMyFirefox.com

  • 40 Posted by tmulkey2 on Thu Sep 3, 2009 10:14PM EDT Report Abuse

    I had to laugh. The ad on the Yahoo page for this article has a guy sitting and starting at his notebook. Interestingly enough he is starting at a Mac iBook. OSX doesn't get viruses!

  • 41 Posted by jpdraven on Thu Sep 3, 2009 4:42PM EDT Report Abuse

    1st off there are many more things that can be done to kill serious viruses and or spyware. If you people want to make life super easy this is what you do. Once a month Image or Clone your hard drive. I regularly clone my drive month to month, sometimes every 2 months depending. This serves 2 purposes. 1st and foremost if Im slammed with a nsty virus or real tough spyware I no longer need battle them, I just reclone my pc which allows me to lose little to no work Ive done since I back up month to month. 2ndly let's say over the course of 3 years your hard drive dies on you and the data is not recoverable. What do ya do now? Well if you had cloned or imaged your hard dive regularly all ya need do is buy a new drive, install it and clone or image your saved data back to the new hard drive and BANG all you stuf's there. WIndows, programs, email, files, games, music, movies, etc etc with alomst no effort. Im a Microsoft Certified Professional. The key to avoiding viruses and spyware is actually simple, BUT I only teach those techniques for a price. Just remembe this ONE free cardinal rule... When in doubt X it out. In other words, if a window or message pops up and you arent sure what to do just simply X out of the window. NEVER hit the yes no cancel or ok buttons within the window, hackers are smart enough to code both buttons to do the same exact thing... install something u dont want on your pc! The X in the top right corner of the window is ALWAYS the safest thing to hit in this case, HENCE, " WHEN IN DOUBT X IT OUT" That ones free, the rest however comes to us all at a price.

  • 42 Posted by drakethebanditi on Thu Sep 3, 2009 3:48PM EDT Report Abuse

    This is good advice for the most part. To answer playerschoice2005 question, AVG is a good anti-virus in my opinion but it is a little rough about the edges. I prefer Avast because it doesn't cause your PC to scan for viruses the moment you turn your PC on thus slowing it down. And for all you Linux/Mac lovers it is nice to know you don't get viruses and run faster... and don't blue screen.. and don't worry about updates with glitches and soo on but sadly most of this world still uses Microsoft. So posting messages about how you don't have any problems is just annoying . The one thing i disagree with from this is the part about spy ware. I like to note that SpyBot Search and Destory kicks butt! It usually scanns faster too. I been doing PC work for over 5 years my top list has been spybot, ad-ware and superAntiApyware. Not sure if you just have a personal problem with spybot or something but spybot will do what HiJackThis will do AND it will tell the user if the BHO is bad or good with a check mark. And it does Active X plugins as well.. and WinStock.. and the HOST file... and and well a frak load of things. Have you even used the Advanced Tab of SpyBot? Its immunization feature is really cool too! I will note though that when 1.5 first came out it did have issues. 1.5.2 though is really good just some minor memory issues that you normally wont have to deal with.

  • 43 Posted by cheesyfreeze88 on Thu Sep 3, 2009 3:22PM EDT Report Abuse

    If someone doesn't know the difference between a Windows message window and a virus, they shouldn't even be operating a computer. Simple as that. Don't be stupid online and you won't get any malware.

  • 45 Posted by jhnedrmr on Thu Sep 3, 2009 4:34PM EDT Report Abuse

    21 Posted by yaodan1989 on Thu Apr 3, 2008 11:01PM EDT If you got the time to do step 1-8, guess what, reformat your PC!!!!!! It takes about the same, most likely less time to reformat the PC thank doing 1-8. After all, reformat PC cleans ALL pests for SURE, 1-8 not really. Off course, you got to do it from time to time. MY pc got no anti-virues, I make sure my cute cute pc stay away from all visible bugs, invisible ones will be killded every sevearl months b/c I clean up my Hard Driver lolzz THIS ONE IS RIGHT!!!

Post a Comment

Sign In to Post a Comment

My Tech

Please enable your browser's cookies to activate the My Tech column.

Also on Yahoo! Tech

Computers Home Office Wi-Fi & Networking Phones & PDAs Cameras & Camcorders TV & Home Theater Portable Audio
 

Site Map | Tour | Subscribe to Yahoo! Tech

Question and Answer content at Yahoo! Tech is written by Yahoo! users at Yahoo! Answers. Yahoo! does not evaluate or guarantee the accuracy of any Yahoo! Answers content. For more information, read the Full Disclaimer.

Opinions expressed by the Advisors are their own and do not necessarily reflect the views of Yahoo! Inc. Yahoo! receives no compensation from any manufacturer or distributor nor does it compensate any Advisor for the coverage of any product or service in any Advisor's content.