In the Forums...
Posted: January 21, 2006
Last modified: January 26, 2006
Written By: Dan "Tweak Monkey" Kennedy
IMPORANTANT EDIT: Somehow when I posted this article I neglected you should first always disable System Restore, as spyware has been known to reside in its stored states.
Let Me Guess...
So let me guess - you're reading this article because your computer is running slow, you've got pop-up ads, or you're receiving errors you haven't seen before. Perhaps your web browser is littered with toolbars and your homepage has been hijacked. If your PC is showing any of these symptoms it's probably infected with spyware, malware, or adware. All of these programs are different from viruses (which usually cause your PC not to function) and from each other, but they all do pretty much the same thing. Fortunately, the fix is relatively easy and once you understand the technique it takes around 15-30 minutes to complete the process. This process is designed for Windows XP and 2000 but works well on Windows ME and 98 machines as well.
Believe me; I've seen much worse.
Most repair shops charge between $100 and $300 to remove spyware from your PC. This article will show you how to do it for free.
Before you begin you should make a backup of your registry (Start, Run, regedit then choose File, Export, (type name) Save). Use these tips at your own risk.
Step 1 - Add/Remove Programs
Before you run any scans or delete any files, uninstall any adware programs that have an uninstall feature. First check the Start menu under All Programs for offending programs that have an Uninstall shortcut. After that, open up the Control Panel (Start, Control Panel) and go to Add/Remove Programs. Search through the list and remove anything with suspicious keywords like:
- Best, Ultimate, Smileys, Offers, Bargains, Deals, Tools
- Gator, NewDotNet, New.Net Domains, Dialer, Freeaccess, Save
- P2P, Bulls Eye, File Sharing, Kazaa, IMesh, Grokster
- Toolbars, WinTools, WSUP, Ad Support, Adware, Spyware
Some of the uninstallers will require you to type characters in to verify you really want to get rid of them. Many may not work at all. This is only the first step. It's okay if these don't all work and some uninstallations may require you to reboot.
Now open Internet Explorer. At the top, right click where the toolbars are at and uncheck the boxes for toolbars you want to remove.
Yeah... this needs to go.
Then choose Tools, Manage Add-ons... at the top (if the option's available). You can see which toolbars and BHO (browser helper objects) are enabled and manually disable them here.
Ever used HiJackThis?
Step 2 - Install Tools And Updates
Now you want to remove the programs that caused the ads or toolbars in the first place. The number of tools you'll need to clean the crap off your PC varies, but I recommend at least the following be downloaded now:
- Microsoft Antispyware
- Spybot Search and Destroy
- CCleaner (CrapCleaner)
- WinSock Fix (only required if the PC won't go online)
Download and install all the programs on the list. Do not run HiJackThis or WinSock Fix yet.
Run Ad-Aware (Start, All Programs, Ad-Aware SE Personal) and update the definitions. Click Check for Updates Now in the program.
Run Spybot S&D (Start, All Programs, Spybot - Search & Destroy) and update the definitions. Click Search for Updates, check the box that says Detection Rules then click Download Updates.
If you own Webroot Spy Sweeper (an excellent program) update it as well.
Now that your tools are up to date, REBOOT YOUR PC TO SAFE MODE. This step is essential if you really want to clean this stuff up. Before you do so, remove any extra User Accounts (Start, Control Panel, User Accounts) that you do not plan to use in the future to aid the removal process.
Choose Start, Turn Off Computer, then Restart. [ Print this guide for use offline ]
To enter Safe Mode, you must hit the F8 key on your keyboard immediately after it powers on. If you see the Windows loading screen before you see a text prompt asking to select your option, you need to power off the PC and try again. Alternatively choose Safe Mode With Networking and you can update software and use Internet access while the PC is scanning in Safe Mode.