As I continue to get questions on Spyware, it seemed like the next “best topic” to pursue in my blogging series. So here we go!
A long long time ago …
Several years back, a friend of mine had a particularly bad piece of spyware on his machine. I learned a tremendous amount about how they worked, and over the years I have helped a number of people remove spyware from their computers.
For those NOT familiar with the term Spyware – the following link is the Wikipedia description (the first 3 paragraphs should sufficiently describe the topic).
What I am going to do with my next series of blogs is share with you those experiences (and what I consider to be my “best practices”) to help others remove spyware from their computers on their own.
The focus of this article will be on the basics of removing spyware – I will get to advanced topics in a future entry.
How the heck did you get Spyware in the 1st place?
There is no single way that spyware gets into a machine. To keep this at a high level – Spyware can end up on your machine from one or more of the following:
- You installed a program from an unknown internet site
- You installed one of those “coupon” / “game” / “search” toolbars in your browser
- You ran a program a friend sent you in an email
Click here – My blog on the basics of avoiding Spyware
And there are different types of spyware – ranging from just plain annoying to performance crippling to next to impossible to get rid of. And just a heads up – it can take some work AND patience to completely rid a machine of spyware.
Remember: You can’t spell PAtienCE without P A C E!
You don’t know what you don’t know – But you know !
So how do you KNOW you have Spyware on your machine? It is NOT always apparent that a machine is “infected”. So while you can’t always tell at first glance, some telltale signs include:
- The PC seems very slow to respond
- You have a lot of pop-ups
- Browser doesn’t get you to the site you type in
- Something doesn’t seem right (Email)
Please Sir, may I have some more?
Now here is another tidbit. Some spyware LOVES to be connected to the Internet – access to the outside world not only gives them the opportunity to SEND information out – but they can download and INSTALL additional spyware programs! I remember one instance where a single spyware application downloaded at least 10 other related spyware applications. When all of that spyware was loaded and running – the PC was barely usable.
So this gets us to my next “best practice” – which is especially useful with hard to handle spyware:
Disconnect your PC from the Network (wired and wireless) BEFORE starting a Spyware removal scan
This effectively starves the spyware and allows the spyware removal program to do its job.
The “main event” – software that finds and eliminates spyware …
It took a while to get here, but having an understanding of the elements of spyware makes it that much easier to combat it. So now we can look at the available suite of tools.
There are a number of spyware removal products on the market. They typically fall into 2 categories:
- Free (Limited for home users)
- Premium (i.e. more features but it costs you)
For home users you can focus on the free versions. Business owners should purchase the fee-based versions.
Four tools that should uncover most spyware include:
- MalwareBytes ( http://www.malwarebytes.org/ )
- SuperAntiSpyware (http://www.superantispyware.com/)
- Adaware (http://www.lavasoft.com/?domain=adware.us)
- Spybot Search and Destroy (http://www.safer-networking.org/en/home/index.html)
Installing Spyware removal applications
While it is possible to download/install any of the above mentioned spyware removal tools on an “infected” machine, I have seen instances where the browser is “hijacked” and will not allow you to get to the sites that will effectively fix your problem.
So, this leads to my next “Best Practice”:
Use a “clean machine” to download Spyware Removal installation programs and copy them to a USB Drive
For PCs that are really infected, you should run the Spyware removal installation programs from the USB key.
Running the Spyware removal programs
There is nothing unusual about the installation of any of the Spyware removal programs mentioned above (just accept the default settings during the installation). When you run any of the programs for the first time, most ask if you want to update the signature database. This is a judgement call largely based on how slow your PC is running – running a scan without updating the signature database isn’t going to hurt anything. Besides, you can always update the signature database later and run another scan.
Also, you need to have your PC connected to get the signature updates. It’s when you start running the scan that you should consider disconnecting from the network.
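The "update the signatures while connected, then disconnect before the scan" order described above can be scripted on newer Windows versions. This is an added example, not part of the original post; it assumes Windows 8 or later (for the NetAdapter cmdlets), an elevated PowerShell prompt, and a made-up state file name.

```powershell
#Requires -RunAsAdministrator
# Added example: take the PC offline for the duration of a spyware scan,
# then bring back only the adapters that were connected beforehand.
# Assumption: Windows 8 or later, where Get-/Disable-/Enable-NetAdapter exist.

# Hypothetical file used to remember which adapters were up before the scan.
$stateFile = Join-Path $env:TEMP 'adapters-before-scan.txt'

function Disconnect-ForScan {
    # Wired and wireless adapters both show up here; keep only the connected ones.
    $active = @(Get-NetAdapter | Where-Object { $_.Status -eq 'Up' })
    if ($active.Count -eq 0) {
        Write-Host 'No connected adapters found. The PC is already offline.'
        return
    }

    # Save the names first so a reboot during cleanup does not lose them.
    $active.Name | Set-Content -Path $stateFile
    $active | Disable-NetAdapter -Confirm:$false

    # Check that nothing is still connected before the scan is started.
    $stillUp = @(Get-NetAdapter | Where-Object { $_.Status -eq 'Up' })
    if ($stillUp.Count -gt 0) {
        Write-Warning "Still connected: $($stillUp.Name -join ', ')"
    } else {
        Write-Host 'All network adapters are down. Start the scan now.'
    }
}

function Reconnect-AfterScan {
    if (-not (Test-Path $stateFile)) {
        Write-Warning 'No saved adapter list found. Nothing to restore.'
        return
    }
    # Re-enable only what was up before, leaving other adapters as they were.
    Get-Content $stateFile | ForEach-Object {
        Enable-NetAdapter -Name $_ -Confirm:$false
    }
    Remove-Item $stateFile
}
```

Load the two functions into the session, update the signature database, run `Disconnect-ForScan`, let the scan finish, then run `Reconnect-AfterScan`.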
Some other additional recommendations
- You should consider running each spyware removal program at least once. While this may defy logic, I have seen instances where running the same Spyware removal program two times in a row picked up things missed on the 1st pass
- You should plan on running multiple spyware removal programs
- You shouldn’t use the machine with an account configured with administrator access (we cover this more in advanced topics)
Now that wasn’t so bad, was it?
And this seems like a good place to finish “Part 1”. Hopefully you found this rather confusing topic a little bit easier to understand.
I really look forward to your feedback – some questions I have:
- Was this at the right level?
- Any concepts that weren’t clear / you want to hear more about?
And as always, if you found this useful, pass it along to your friends (at least one of them has spyware lurking about).
And feel free to become a Facebook fan at Keep Pace Technology.