A little bit of prevention can save you
hours of nightmarish work trying to
recover from a spyware disaster. Spyware
can reek total havok on your computer!
Please take the following steps to protect
your computer. (All of the following
applies to Windows computers only).
1) Download the following programs:
Ad-Aware Scans for
spy-ware and removes it. There is a good
tutorial on how to use Ad-Aware at the
following site:
http://www.bleepingcomputer.com/forums/tutorial48.html
Spybot Search and Destroy Scans
for spy-ware and removes it. There is a
good tutorial on how to use Spybot S&D at:
http://www.bleepingcomputer.com/forums/tutorial43.html
S pywareBlaster Prevents
spy-ware from getting on computer in the
first place. Remember to update it each
week.
CWShredder Removes one
common form of spy-ware called
CoolWebSearch. CoolWebSearch is vicious,
constantly evolving, and often CWShredder
is the only tool that can get rid of it.
Once you have downloaded these
programs,
update them and then run their
scans (for SpywareBlaster enable its
protection). After that, make sure to
keep them
updated and run scans weekly. If on
the first scan they find infections
(called "objects" in Ad-Aware, called
"problems" in Spybot S&D) then by all
means delete what is found and then
run a second scan to make sure
they didn't come back. Sometimes
you will have to restart your computer to
get rid of certain threats. If after
multiple scans with Ad-Aware, CWShredder,
and Spybot S&D (make sure they're
updated!) you can't get rid of everything,
you may need to use the more advanced
methods found at the bottom of this
article. Or, you can have a computer
technician fix your computer. (Note:
Spybot will always find 5 DSO exploits.
This is just a harmless bug in Spybot.)
2) Activate Immunization,
TeaTimer, and SDHelper in Spybot Search
and Destroy
Hopefully, Ad-Aware is now finding 0
objects and Spybot is only finding the 5
DSO exploits. Good job! Your computer now
is probably pretty clean of spy-ware. Now
we need to take steps to keep it that way.
Open up Spybot. Click on Immunize
on the left side of the window. Check for
bad products, then click the green cross
that says immunize. It should say "All
known bad products are already blocked"
and have a big green checkmark. Make sure
"Enable permanent blocking of bad
addresses in Internet Explorer" is checked
too. You'll have to remember to update
your immunization weekly.
Now open the
Mode
menu and change to
Advanced
Mode. On the left-hand side of the
window, click on the gray box labeled
Tools.
Click on
Resident, which is the third item
under the Tools box. Check both boxes:
Resident "SDHelper" and Resident "TeaTimer".
Now Spybot will actively prevent any
spy-ware from messing up your computer.
Whenever a setting change that might be
spy-ware-related, a window will pop up
saying Spybot "detected an important
registry entry that has been changed". You
then read the window to see what's trying
to change what and have the choice of
allowing the change or denying it.
Alternatively, if you do not like the
Spybot Resident tools, you can use
SpywareGuard, which protects you in a
similar way. Download SpywareGuard
here.
3) Use an Alternative B rowser
Most people use Internet Explorer to
browse web pages. By not using Internet
Explorer, you can increase your security
significantly. Visionary recommends the
Firefox browser. You may occasionally come
across a web site not totally compatible
with Firefox. When visiting those web
sites, you'll need to use Internet
Explorer.
Firefox:
Download from
http://www.mozilla.org
4) Lock down
Internet Explorer
Even though you're not going to be
using Internet Explorer regularly any
more, it still is a security
vulnerability, because of its tight
integration with Windows.
From the
Control Panel, open
Internet Options. Click on the
Security tab. Click the
globe labeled Internet.
Press the Default Level
button, then click Apply.
Now press the Custom Level
button. In the Active X section, set the
first two options, (Download signed and
unsigned Active X controls) to Prompt. Set
"Initalize and script ActiveX controls not
marked as safe" to Disable.
Or, alternatively, you can just set the
security level to High.
This will make you more secure, but will
frequently cause web pages to not display
correctly and be missing features. Of
course, if you're not going to any pages
that require Internet Explorer, then
you're using Firefox anyway and this won't
be a big deal.
5) Be Careful and Smart
Use the following tips:
- Never click on a pop-up
advertisement. Close pop-ups using the
close box in the top right corner (the
"X").
- Never click on a link to an anti-spyware
program advertised in Google ads. They
may say "Ad-Aware", but they are all
fake. In fact, never click on any anti-spyware
advertisement.
- Be very careful and selective of
what programs you download.
- Don't download things if you're not
sure what they do.
- Only download programs from
reputable sites.
- Do not download Kazaa, Grokster, or
similar programs.
- Be careful and selective of which
web sites you visit. Often simply
visiting a site will install spyware.
Advanced Steps
By following this advice, you should be
able to avoid the great majority of
spy-ware problems. If your computer is
already infected, however, these steps may
not be able to eliminate the spy-ware
that's already there. In that case, you
will have to use more advanced methods.
Only do these advanced
steps if you're somewhat computer literate
and feel comfortable doing them.
Otherwise, have a
professional technician or
computer
repair shop fix your computer.
1) First, try running
Ad-Aware and Spybot in Safe Mode.
2) Try manually
removing anything you can. Open the
Control Panel, then open Add/Remove
Programs. Be very careful in here because
you don’t want to remove something
important. Look through the list of
programs for any obvious instances of
spyware. If you find any, remove them. For
instance, if you’re trying to get rid of
Weatherbug, none of the removal programs
will get it, but you can remove it in this
Add/Remove Programs list. For more help
with manual removal, click here.
Then, if you still
have problems, you'll have to download
HijackThis and go to a spy-ware-fighting
forum for further advice and help.
Do NOT run HijackThis until you have read
quite a bit on these spyware-fighting
forums. If you delete everything
HijackThis finds, you WILL break your
computer and funSMS.net will not be
responsible. Below are links to
some good forums. They’ll tell you how to
download HijackThis and what to do
afterward.