How to beat spyware and viruses, 2008 edition

Wed Apr 2, 2008 11:46AM EDT


The last time I wrote a piece on how to remove spyware from your computer was in 2006. Time for an update, I think. Here's my perennial "How to Beat Spyware" howto, revised and updated for 2008 (and combined into a single file instead of two parts).

Here's what to do if you suspect an infection on your Windows PC. (Please note these steps apply to both Windows XP and Vista.)

1) Are you sure it's spyware or a virus? Windows pop-ups and alerts can often seem invasive enough to be viruses, especially with Vista. Try searching the web for the exact text you see on the screen to make sure you aren't dealing with an aggressive Windows message. (Many of these can be turned off, so try whatever instructions you find.) On the other hand, some viruses masquerade as Windows alerts, so tread lightly.

2) Boot in safe mode. If you have a virus, the first step is to try booting in safe mode. You can get to safe mode (a simplified version of Windows that disables a lot of extra gunk, possibly including some spyware apps) by restarting your PC and tapping F8 during boot. Soon you'll get a menu of options. Select "Safe Mode" (it's at the top of the menu) and wait for the machine to fully boot. The system will look funny (with a black background and larger icons, probably), but don't worry about it. This is only temporary. (Also note that many spyware applications can disable safe mode, so if you find this doesn't work, just boot normally.)

3) Run your antivirus application. This is of course assuming you have an antivirus application. (Need one? Check here.) You're in safe mode now, so run a full scan of your PC at maximum security levels (include the option to scan within compressed files, for example). This will probably take an hour or more, so be patient. Fix any problems the virus scan turns up. Then reboot into safe mode again using the procedure in step 2.

4) Run one or two anti-spyware applications. I used to recommend running multiple anti-spyware apps, but virtually all antivirus apps now do a pretty good job at getting rid of spyware too, so you don't need an army of additional applications just for spyware. Also, I now recommend starting with AdAware (which is free) and moving on to Spyware Doctor (free as part of the Google Pack) if you feel you need additional help. (Please note that recent versions of Spyware Doctor and Norton Antivirus have some trouble with each other.) You can try other apps too, but the once-recommended SpyBot Search & Destroy is no longer very effective, sadly. (Neither is Microsoft's own Windows Defender.) Of course, fix anything and everything these apps find.

5) Reboot normally. (Not in safe mode.) Now take stock. Still got spyware? It's time to move along to my more advanced techniques for removing the nasties.

6) Run HijackThis. HijackThis is a free software tool that scans your computer to find malware that other apps might miss. Scroll down to "Official downloads" to download the tool. Next, simply open the ZIP file you downloaded, extract the application, and run the tool (you don't need to install it). Click the "Do a system scan and save a logfile" button. You'll receive a large text file as well as a dialog box which gives you a list of active software processes, which you can then choose to delete. Unfortunately, this list includes both helpful and unhelpful software, so don't just start deleting items. Continue in step 7 to figure out how to fix your spyware infection.

7) Post your log file online. Visit this page, which offers a list of forums staffed by volunteers who can help you interpret your HijackThis log. The SWI Forums are especially busy, but most of the forums on the list are equally apt. Go to SWI and visit the "Malware Removal" forum which has over 50,000 topics listed: Those are all people like you who are seeking help getting rid of spyware. Register for an account, read the FAQ, then visit that Malware Removal forum, and post a new topic. Paste the content of the text file you created in step 5 into this topic and (politely) ask for help. You will get a response from a volunteer helper, typically within 3 days. You'll be given specific advice on what entries to remove with the HijackThis tool, and you might be pointed to additional software to run to help remove common spyware infections. Follow all the instructions and keep working with the forum helpers until either you or they give up. (And no, don't send your log file to me or post it here. I am not nearly the spyware removal expert that these guys are.)

7a) Alternately: Paste your log file into an automated tool. Don't have three days? Try simply pasting your HijackThis log file into this form. It does a pretty good job at auto-analyzing what's wrong with your machine, with no waiting. As well, if that doesn't work, you can search for the items you find in the HijackThis log by name to see what they are and how to remove them, if they're spyware. This can be quite time consuming, though.

8) Try System Restore. If that doesn't work, you might try running Windows System Restore to roll back your OS to a time before the infection happened. This isn't foolproof: You might not have System Restore turned on, or the spyware might have shut System Restore off, as well. But it's worth a shot. With either XP or Vista, System Restore can be found under Start > All Programs > Accessories > System Tools > System Restore.

9) Give up and wipe your hard drive. At this point, you've exhausted all the options I know of. You might try again at steps 6/7 to make sure you've done everything you can to salvage the PC. Forum helpers will often work with you for weeks to help fight a spyware infection, but there are tens of thousands of possible variants out there, with new ones cropping up every day. It's just not possible to clean them all, every time. Sometimes the only thing you can do is call it quits, reformat your hard drive, and reinstall your OS. Again, make sure you have your backups ready and verified. Once you're up and running, reinstall your antivirus and anti-spyware applications, and stay vigilant against infection. Good luck.
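
As an added example (not part of the original article and not code from the HijackThis project), here is a short Python script for reading the log saved in steps 6 and 7: it groups the scan entries by their section code and lists the browser-helper, autostart and service entries whose file sits in a temp or per-user data folder, as the ones to look up by name first. The sample log is constructed, and the folder heuristic is an assumption of this example, not a verdict on any entry.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of a HijackThis log (not from a real PC).
SAMPLE_LOG = r"""Logfile of HijackThis
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - C:\DOCUME~1\User\LOCALS~1\Temp\hlp32.dll
O4 - HKLM\..\Run: [ExampleAV] "C:\Program Files\ExampleAV\tray.exe" /min
O4 - HKCU\..\Run: [updchk] C:\Documents and Settings\User\Application Data\updchk.exe
O23 - Service: Example Helper (exhelper) - Unknown owner - C:\WINDOWS\system32\exhelper.exe
"""

# Scan entries start with a section code such as R0, O2, O4 or O23.
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# First Windows path in an entry that ends in a program-file extension.
PATH = re.compile(r"[A-Za-z]:\\[^\"*?<>|]+?\.(?:exe|dll|sys|scr|bat|cmd)", re.I)

# Sections that load code: O2 browser helper objects, O4 autostart
# programs, O23 services.
CODE_LOADING = {"O2", "O4", "O23"}
# Assumption of this example: folders any user program can write to.
USER_WRITABLE = ("\\temp\\", "\\locals~1\\", "\\application data\\", "\\appdata\\")


def parse_entries(log_text):
    """Group scan entries by section code; header and process lines are skipped."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            groups[m.group(1)].append(m.group(2))
    return dict(groups)


def look_up_first(log_text):
    """Return (section, path) for code-loading entries stored in user-writable folders."""
    found = []
    for code, entries in parse_entries(log_text).items():
        if code not in CODE_LOADING:
            continue
        for text in entries:
            m = PATH.search(text)
            if m and any(part in m.group(0).lower() for part in USER_WRITABLE):
                found.append((code, m.group(0)))
    return found


if __name__ == "__main__":
    for code, entries in parse_entries(SAMPLE_LOG).items():
        print(code, len(entries))
    for code, path in look_up_first(SAMPLE_LOG):
        print("look up first:", code, path)
```

A listed entry is only a starting point for a search or a forum question; legitimate software also installs into per-user folders.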

Comments on How to beat spyware and viruses, 2008 edition


  • 6 Posted by thegraffix on Thu Sep 3, 2009 10:04PM EDT

    If you haven't heard of or tried ComboFix yet, go to http://download.bleepingcomputer.com/sUBs/ComboFix.exe and get this tool, put it on your desktop, boot into safe mode, and run it. It removes so much stuff it's crazy, especially for a 1.58MB file.

  • 7 Posted by tylerex2 on Thu Sep 3, 2009 10:25PM EDT

    Use ThreatFire! It prevents the spyware from even getting on your computer. Of course, it's free too :)

  • 8 Posted by purttyrobby on Thu Sep 3, 2009 8:22PM EDT

    just get a mac, you won't have to worry about this -----

  • 9 Posted by kikocozy on Thu Sep 3, 2009 4:50PM EDT

    Not really familiar with the topic, being an OS X user.

  • 10 Posted by champcar180000rpm on Thu Sep 3, 2009 3:21PM EDT

    Or take it to a computer professional. There are many other things you can do to troubleshoot viruses, spyware, and adware. This list is just a bare minimum of basic things the average person can try.

  • 11 Posted by mercury_8203 on Thu Sep 3, 2009 7:16PM EDT

    As far as Windows security solutions go, for enterprises the best option is the itSoftware Security Suite. It combines two products that handle all types of badware without relying on definitions. Unfortunately it is only available to businesses. More info can be found at itSoftwareProducts.com.

  • 12 Posted by leowyatt410 on Thu Sep 3, 2009 6:49PM EDT

    I have SUPERAntiSpyware, I love it. If something pops up and it says it's from Microsoft, don't believe it. If worse comes to worse, take a hammer to the HD and sma----- to billions of pieces, no joke, then go buy a new one.

  • 13 Posted by playerschoice2005 on Thu Sep 3, 2009 8:14PM EDT

    Hi, currently I have the free AVG Anti-Virus edition. Would this be good enough or better than the ones mentioned on this site? Thanks

  • 14 Posted by indygirlfriend on Thu Sep 3, 2009 4:24PM EDT

    I get redirected on IE on most searches... I have run virus and spyware removal software multiple times.... do I have any other choice but to reload my OS?

  • 15 Posted by jhnedrmr on Thu Sep 3, 2009 4:34PM EDT

    I can't figure why people use all this spyware garbage that is known to not find everything. Why not reinstall Windows after backing up all wanted files? You pay up to $200.00 for Windows, why only use it once? Every time I have a problem I reinstall Windows; for the time it takes to mess with all these steps above, you could reinstall Windows in less time. Most of the time, I have ended up using this option: (Antivirus and spyware software, what a rip-off and waste of time, why spend all that money when you have your OS?) 9) Give up and wipe your hard drive. At this point, you've exhausted all the options I know of. You might try again at steps 6/7 to make sure you've done everything you can to salvage the PC. Forum helpers will often work with you for weeks to help fight a spyware infection, but there are tens of thousands of possible variants out there, with new ones cropping up every day. It's just not possible to clean them all, every time. Sometimes the only thing you can do is call it quits, reformat your hard drive, and reinstall your OS. Again, make sure you have your backups ready and verified. Once you're up and running, reinstall your antivirus and anti-spyware applications, and stay vigilant against infection. Good luck.

  • 16 Posted by patriot_of_america on Thu Sep 3, 2009 8:01PM EDT

    If you want to kill malware and spyware dead, SWITCH TO LINUX!!!! Let me repeat that, SWITCH TO LINUX TO END ALL VIRUS, MALWARE, AND SPYWARE PROBLEMS!!! I've been running Ubuntu 7.10, with Linux kernel 2.6.22-14-generic for well over six months now after finally getting fed up with Windows XP, and I can't be any happier with how my computer is running since then. Linux is different in that when you download something off the net with it, it WILL NOT let whatever you download run as a program unless you give it permission to!! Linux is built like Fort Knox when it comes to internet security, and Ubuntu is the most user-friendly style of Linux created yet, intuitively Windows-like, WITHOUT the security issues and stability issues. It is also more efficient running than Windows.

  • 17 Posted by leowyatt410 on Thu Sep 3, 2009 6:49PM EDT

    Guess you're not up to speed, purrty. Mac now has Windows. No matter how many programs there are, your PC and Mac will get infected.

  • 18 Posted by gwdelozier on Thu Sep 3, 2009 4:14PM EDT

    Just today I did a search via Yahoo for 'DVPRO50 codecs for Windows' and came upon a website that said to download a file. It ended up being a Setup.exe file. I know by experience that these are usually viruses, so I scanned it with AVG free antivirus and it said it was fine. I opened it and whamo - viruses and trojans began eating their way through my system. I ended up performing a System Restore for 2 days ago, and my files were not altered while Windows did the restore. The virus was still there so I scanned with AdAware and Acronis Privacy Suite. They caught some of the spyware, but it was Spybot that eventually saved the day. It got rid of what appeared to be several trojans. Spybot is another free utility that can be downloaded at download.com. It gets a bad rap in some reviews, but in this case it performed better than any other software I usually rely upon, such as AdAware. My computer works fine now. Of note, another way to get to 'safe mode' is by going to Start > Run and typing in MSCONFIG. Then you can disable all the Startup items and all the Services. Be sure to click 'Hide all Microsoft services' before clicking the 'Disable all' services button. Hope this helps someone.

  • 19 Posted by buck20fan3127 on Thu Sep 3, 2009 3:15PM EDT

    Use Windows firewall, have a known good spyware program. Quit surfing ----- ty porn and e-mails and you're good!! Easy as that. I love www.spybot.com and www.adaware.com. Both are free and easy to use.

  • 20 Posted by yaodan1989 on Thu Sep 3, 2009 10:55PM EDT

    If you got the time to do step 1-8, guess what, reformat your PC!!!!!! It takes about the same, most likely less time to reformat the PC than doing 1-8. After all, reformat PC cleans ALL pests for SURE, 1-8 not really. Of course, you got to do it from time to time. MY pc got no anti-virus, I make sure my cute cute pc stay away from all visible bugs, invisible ones will be killed every several months b/c I clean up my Hard Drive lolzz

  • 21 Posted by brian.longo on Thu Sep 3, 2009 3:13PM EDT

    A firewall is only as good as the person managing the firewall. If someone decides to run LimeWire (or any other "virus portal"), a firewall is worthless. I agree with the SUPERAntiSpyware endorsement. I use it and it's quite effective. Another decent, free, anti-spyware program is AVG Anti-Spyware. It picks up some signatures that SUPERAntiSpyware tends to miss. The interface is a little clunky, though. Please, though, do not waste your money and buy a commercial AntiVirus/Internet Security suite such as Norton Internet "In"Security (or 360) or any McAfee product. These programs are no more effective than free versions of software that's out there, not to mention they are resource hogs as well! Norton was good 8 years ago, even 6 years ago, but not anymore. If I had to give an endorsement to a paid A/V solution, Kaspersky is worth the money, but outside of them, I don't think anyone's worth the money. Other than that, AVG Free AntiVirus is as effective as Norton or McAfee without the load on the CPU and resource hogging. Even AntiVir is decent - much better than Norton or McAfee. There are many decent free programs out there if you're willing to look around and learn to use. Firewall programs such as Comodo Personal Firewall or ZoneAlarm Free Firewall are effective, and I mentioned decent anti-virus and anti-spyware programs. Honestly, though, the best defense against viruses and spyware is paying attention and common sense and patience. Three things I stress to people; one, don't be "click happy", two, browse the Internet with a level of suspicion (not paranoia), and three, don't open any e-mail attachments (or even e-mails) from someone you don't know because no matter how good your protection is, it's only as good as the person on the computer, and if you roam about the Internet haphazardly, expect to get infected. Also, learn to use Google and research some things and find out if they're good or not. Don't just assume the first 5 hits are good, though, look through the first 10-50 hits and get a consensus.

  • 23 Posted by kargol47 on Thu Sep 3, 2009 4:47PM EDT

    Another step that I've used is to install Avast antivirus free for home use and schedule a Boot Scan which finds malware that hides in the Windows operating system. A Boot Scan will scan your drive before Windows starts up.

  • 24 Posted by bearcat_9425 on Thu Sep 3, 2009 3:04PM EDT

    This is a decent guide. Have to be careful with HijackThis and make sure you don't delete something that's essential to a non-harmful program. I am seeing a lot of suggestions of going to Linux and that's fine, but got to remember the average user out there is not accustomed to Linux, so an OS change would be more trouble due to learning a whole new system. Linux is getting more user friendly though by the day, which is awesome. As for you Mac users, you're not really any more safe, you're just a minority that the coders of virus and spyware don't attack cause, really, what's the point. You account for what, 20% of the average users on the internet, maybe, so why bother, write your code for what's gonna get you noticed, Windows based system. By suggesting everyone goes to Mac you're just making OS 10 a more liable source of attacks. It's all about what's gonna make the biggest splash, who's gonna take down the most systems, and the best way to do that now atm is Windows baby.

  • 25 Posted by tony02026 on Thu Sep 3, 2009 10:16PM EDT

    or you can just get a MAC and never get a virus, and never suffer from freeze-ups... and live with peace of mind... why waste your time and money on blocking something that shouldn't even be there in the first place...
