Spyware? Adware? Virus? I've lost control of my machine!


Post by Robyn » Thu Jan 19, 2006 6:43 pm

While I occasionally build and troubleshoot, I've had the *cough* joy of helping many people when their computer just seems to be out of control. So I thought I'd give my little spiel on some basic steps in cleaning up. I'm no authority but this tends to set me on the right path. It's not a terribly original tactic either.

First of all, if you're totally bogged with things, it's the most effective if you can do a nice wipe of the hard drive. That is to reformat the drive/partition that is your C: or the one with your OS and reinstall it from the beginning. Having extra drives is helpful.

However, if you have too many things you'd want to back up, or your windows disc isn't working or you lost it or you're otherwise unable to do that, or want to fight the good fight, hope is not completely lost.

This is for windows xp but isn't completely invalid if you're not using that.

First of all: What is adware/spyware/malware/a virus?

Adware refers to software that typically is disguised as it enters your computer but just serves to make more popups, redirect your search engine (hijackers), and clog your internet connection with advertisements.

Spyware is another type of sneaky software that collects your personal information and sends it to.... somewhere. 8O

Malware is a variation on the terms. Mal = bad in Latin.

And viruses are the computer equivalent of the buggies that get you sick. They prosper in their ability to enter your computer, damage files you want, and use your resources to duplicate and spread. They can sneak in disguised in other files. Worms can generate tons of other files, or take over your windows to do things like completely wrench control over your system. If you remember Sasser from experience or in the news it would turn off your computer in under a minute upon entering windows.

Your best bet for a virus is to run a virus scanning program. If it damaged windows files you can do a repair installation that doesn't delete everything else. If you have a specific virus there is probably an article with the best techniques there, maybe even files to fix it. I won't talk too much about viruses because of that.

How did it get there?

There are things you can do to prevent letting it get on your computer in the first place.

1. Don't click on popups. If you can't see the X to close it then press alt+f4 to close the window, or you can minimize it with alt+ esc and then right click on it and select close (helpful if you're not sure which window is the active one).

2. Don't download things if you don't know where they came from. This is more than just email attachments. My dad used to install all these "free adware destroying" programs. Many times they were more like adware installers. Clear your cookies and temporary files often. In Internet explorer these are under the tools menu. In internet options I would keep your history short (a week is fine).

3. Always download things to your desktop at first. This is easy in a browser like firefox that will let you set the download site. This helps in managing your files because they end up where YOU put them. This also gives you some sort of grasp as to what files you download intentionally should you question them in the future.

4. Dirty sites use dirty tactics. Don't be surprised when you contract something from them if you wouldn't be surprised in real life. This goes for "how to hack" sites and sites with illegal goods as well. Some files don't share well with others.

5. It might not even be your fault though.

6. Some things that look fun and helpful sneak bad stuff on there. Browser add ons, unofficial "optimisers" and some free software will end up being more pain than they're worth.


To do this you will need: an internet connection (probably the source of all your problems anyways), A decent virus protecting program, and some spare time.

First of all, while your computer is not connected to the internet, go to the add/remove programs and under remove, get rid of anything you KNOW you don't want. Some of these will be obvious to even the not experienced. Not all of the baddies will be on the list. Some will demand you fill out a survey to delete them. You can try deleting them while online.

Get back online and install "lavasoft adaware" or "spybot search and destroy". There are other good ones, mostly ones you buy. Beware of imitations. Whichever you choose (or both, they're small enough to do that), update their definition files and run them, and when the scans are complete delete all of their findings. My brother maxed out on adaware at over 500 found, my dad kept it under 200, and I get about 2. (In adaware, go to scan summary and click them all.) This should have helped a lot.

Now do a virus scan. I use my school's Norton subscription but if you don't have that or Virus scan then I'd read a few reviews about a freebie. Try cnet.com's download.com- those files are pretty safe.

Now, download Hijackthis 1.99 and run a scan. You can delete any obvious ones with the "fix checked" and for ones you're not sure about you can either google them or post in our spyware forum and someone will probably know.

By now I find even my brother's relatively clean but you can hit ctrl+alt+del and then see how many processes you have going. Do they look obviously bad? Is your CPU percentage under performance still pretty high?

For the worst baddies- It is possible to go through your windows folders to find the bad guys and if they won't delete write down their filepath (in the address bar) and then boot into windows "safe mode command line prompt" and then rename the file to something you'll find later like thisfile.sux or something. Then you can delete it in normal windows.

After all this is a fantastic time to get rid of whatever else you feel like deleting (legitimate programs you don't use anymore etc) and defragmenting.

After all this I try to limit my likelihood of getting more of this stuff. I use firefox, you can use that or opera or something else non-IE and it helps in theory. You can use a firewall, I actually do just fine with the windows xpsp2 one but there are a number of third-party ones that do well too. Make sure you know which folders on your computer are "shared". Don't use a p2p network. I like realalternative instead of realplayer and trillian instead of aim to lessen my adload.

And then for spam... well stop giving your real address out. It's like meeting someone in a bar- if you'd give them a fake number you'd best have a fake email address. Maybe even make a separate one just for things like registering for sites or contests or something. When you do get spam if there's an unsubscribe link sometimes that actually DOES help. When you do register on sites remember to uncheck all of those tiny "yes, I'd like to receive your newsletter" or "yes, feel free to send me a bunch of crap" checkboxes.

Okay, that's about all I know, which unfortunately isn't very much, but I thought it would be a decent starting point.

Post by ~PJ~ » Fri Jan 20, 2006 1:46 pm

That's good, Robyn. Mind if I adapt it when I restart the basic computing courses?
My usual way of explaining the differences is this:
Spyware / Malware falls into two categories:
a] The door-to-door salesman who calls, sticks his foot in the way and won't go away until you've bought something
b] The thief who breaks in on the sly and nicks stuff
Viruses:
They're the sick people who break into your house, draw on the walls, smash the furniture and c**p on the carpet.

Post by redeye53 » Sat Jan 21, 2006 6:54 pm

~PJ~ wrote: They're the sick people who break into your house, draw on the walls, smash the furniture and c**p on the carpet.


A lot nicer than I'd say :evil:

Educating my "clients" about this crap that changes daily is hitting a brick wall. People don't know or just plain don't care.
My solution: Ask them how often they get their oil changed on their car. Same things apply here. If I can get a PC in here before a zillion spycrap animals have had their way-not much charge. Bring that motor in smoking and knocking you better bring your checkbook :wink:
Seems to be working :D

Post by DAVE1 » Sat Jan 21, 2006 7:44 pm

redeye53 wrote:
~PJ~ wrote: They're the sick people who break into your house, draw on the walls, smash the furniture and c**p on the carpet.


A lot nicer than I'd say :evil:

Educating my "clients" about this crap that changes daily is hitting a brick wall. People don't know or just plain don't care.
My solution: Ask them how often they get their oil changed on their car. Same things apply here. If I can get a PC in here before a zillion spycrap animals have had their way-not much charge. Bring that motor in smoking and knocking you better bring your checkbook :wink:
Seems to be working :D


Don't you want people to bring their checkbook though?

Post by redeye53 » Sat Jan 21, 2006 8:45 pm

I do have a conscience. :roll:
Of course if I was to get off my high horse I'd probably be able to afford another folding machine :lol:

Post by ajrox » Sun Jan 22, 2006 2:04 am

How about using task scheduler to run this automatically?
I use it at my shop on the workstation PCs to defrag at night once a week. You could set it for every other day or once a week, whatever, at like 10:00pm at night when no one is using the PC?
AJ

Post by Robyn » Thu Jan 26, 2006 8:24 am

~PJ~ wrote: That's good, Robyn. Mind if I adapt it when I restart the basic computing courses?


Whatever you like.

Post by Doc Overclock » Thu Jan 26, 2006 2:56 pm

Watch out for a product called SpywareStrike, it is the worst of the bunch.

You need this to remove it..

http://www.spywarestrike.net/remove/default.asp