Article updated: July 2010
In 2004, spyware/adware became the #1 threat to personal computers. For a definition of spyware, visit Webopedia.
Getting rid of spyware has reached a point that it takes an expert, or a lot of persistence, to really get rid of it totally. Following is a list of steps that we frequently take to completely restore a compromised computer. Depending on the level of problems, we may omit some steps, but this list covers everything we do.
NOTE: These are not steps we recommend for every computer that has a little spyware on it. Also, some of these steps, if not performed properly, can further harm your computer. Proceed at your own risk.
ANOTHER NOTE: For a great list of fake antispyware programs, visit SpywareWarrior’s rogue or suspect anti-spyware comparison.
A THIRD NOTE: We perform most of these operations in Safe Mode (repeatedly push the F8 key on your keyboard at startup to reach safe mode), and if the computer uses Windows XP or newer, we disable the System Restore (RIGHT Click “My Computer”, Click System Restore tab, uncheck the box that says “Use System Restore”, click OK). And lastly, your computer SHOULD NOT BE CONNECTED TO THE INTERNET WHEN PERFORMING MOST OF THESE STEPS. If your system is in really bad shape, you will need to run the recommended tools without updates in Safe Mode, then update them after you get all steps performed and get connected to the Internet again.
A LAST NOTE: Always backup your important data before proceeding…address books, email, documents, pictures, etc.
- After downloading all the tools (you may need to do so on a friend’s or neighbor’s computer and copy them to a CD or flash drive) below, disconnect from the Internet. All these tools offer fully functional FREE versions…if you are asked for money, you took a misstep somewhere.
- Restart computer in Safe Mode
- Delete all temporary files (even the hidden ones). You can do this quickly by downloading and running Cleanup or CCleaner.
- Install and run MalwareBytes and SuperAntiSpyware and ComobFix
- Search add/remove files for installed spyware programs in the Add/Remove Programs and remove them.
- Install, update and run Spybot
- In some cases, the spyware will keep coming back due to Trojan viruses that Norton or McAfee do not detect. If this is the case, we uninstall Norton or McAfee and install AVG or Avast anti-virus programs.
- Install Firefox or Google Chrome and instruct the user to use Internet Explorer only when Firefox is not able to pull up a particular site.
- It is important to disable the System Restore prior to starting this process, but remember to enable it when finished.
In some extreme cases, this process can take up to three hours. At times, it makes sense to simply backup important data then reformat the system and install Windows and your programs again.
Do not take spyware lightly, but making it illegal is not the answer. Secure computers and savvy users will be the only thing that stops this nasty digital intrusion. And we know that listeners and followers of our program maintain secure computers because they are smart and informed computer users!
If all of this seems overwhelming to you, by all means don’t wade into these dangerous waters…call a professional (like me)!