Wednesday, December 20, 2006

Scanning for and removing spyware with Spybot - S & D

Previous page: Downloading, installing and updating Spybot - Search & Destroy

After the installation of Spybot - Search & Destory is complete, it is time to scan your machine for possible spyware infestations.

6.1 You will be presented with the main Spybot screen. Click the Check for problems button (see 1 in the screenshot below).

Starting the scan for potential spyware/malware problems.

Spybot will now start the scan for spyware. Unlike Ad-Aware, any spyware found will be shown by Spybot at the end of the scanning and not during it. This process is faster than the scan performed by Ad-Aware, but it still lasts a few minutes. Meanwhile, go grab some fresh air and make a stretch ;-).

Spybot is scanning the system for spyware and malware now.

6.2 Just like I told you, Ad-Aware or Spybot S & D alone cannot find all the threats on your computer — they have to be used together for you to be able to remove all spyware.

Once the search is complete, you will see a list of all spyware objects that were found. They will all be selected by default. You can get more information on a particular object by clicking the small plus icon found on the left of each entry. If any object happens to be a cookie of a website you are visiting on purpose, unselect it so that it stays untact.

The listing of all spyware that was found by Spybot.

6.3 Once that you have decided what to remove, click the Fix selected problems button.

Fixing the spyware problems.

6.4 Spybot will ask you to confirm the cleaning operation it is about to perform. Click Yes.

Confirming the removal of spyware from your system.

6.5 You will be notified that the cleaning of spyware was performed successfully, along with the number of problems that were removed.

Spybot has effectively removed adware from your computer.

And that's it! You now know how to get rid of spyware!

Conclusion

I want to give you some guidelines for keeping your computer safe: Besides Ad-Aware and Spybot, you should absolutely have an anti-virus program installed on your system. The antivirus is the first line of defense.

Spyware and adware-cleaning programs serve only to get rid of any potential harmful objects that show up on your system after you visit specific websites. They cannot keep viruses at bay. A good antivirus program (like NOD32 or Norton) never lets its guard down and scans all the traffic that goes through your computer, both online and offline.

Also, remember to check your computer for spyware regularly: doing it once every month should be fine to keep you safe.

With that being said, I hope that you enjoyed learning from this guide - I really loved writing it! Until next time, stay safe and keep on incerasing your knowledge about Windows!

Downloading, installing and updating Spybot - Search & Destroy

Previous page: Scanning and cleaning your Windows machine with Ad-Aware

Compared to Ad-Aware, Spybot is much easier to set up and its scanning and cleaning process is faster. So let me show you how to use it!

5.1 Download Spybot - Search & Destroy from Download.com. The size of the installer is 4.8 MB. Once the download is complete, double-click on the spybotsd14.exe file to start the installation process.

Beginning the installation of Spybot anti-spyware tool.

5.2 The installer will ask you to pick a language that will be used during the setup. Pick one and click OK.

Selecting a language for the installation process.

5.3 Before proceeding, close any programs that you might have running. And also, make sure to have an active connection to the Internet, because program components will need to be downloaded during installation and also the updates for spyware-related information later. Click Next.

The installer is ready to begin the Spybot setup process.

5.4 Now comes the legal stuff — read it! Unlike 99% of programs out there, the license agreement for Spybot - S & D is funny and by reading it you can see that the author is a really nice fellow (he also explains why the program is free to use). Select The "I accept the agreement" option and click Next.

The cool Spybot user agreement.

5.5 The installer will now ask you where would you like to install Spybot. In the same way as you did with Ad-Aware, I recommend that you leave the default location suggested by the installer. Click the Next button to proceed.

Selecting a location where Spybot will be installed.

5.6 The installer will now give you a list of program components that will be installed with Spybot. I strongly recommend that you check the "Download updates immediately" option. This will make possible for Spybot to update itself immediately upon the completion of the installation, making sure that you have the latest spyware search definitions etc. The Additional languages and Skins options can be left checked, as they don't occupy much disk space and they can be useful. Click Next to continue.

Choosing the components that will be installed.

5.7 The installer prompts you to select a place where Spybot's shortcuts will be placed. Leave the default location and click Next.

The location of shortcuts for Spybot.

5.8 At this point, you can select some additional protection for your system that Spybot can take care of. If Internet Explorer is your browser of choice, you can check the option to Use Internet Explorer protection (SDHelper). I prefer Firefox, which tends to collect way less spyware when I'm surfing the Web, so I left this option unchecked. Also, you may consider turning on the Use system settings protection (TeaTimer) option. If you have a good antivirus program installed on your system, this isn't really necessary.

The additional tasks that Spybot can perform can be selected during installation.

If you'd like to add one more icon to your desktop, leave the appropriate option checked. The same applies for the Quick Launch icon option. When done, click the Next button.

5.9 Every option that you chose so far is shown by the installer. If you are satisified with the selected options, click the Install button to start the installation process.

Spybot is now ready to be installed onto your system.

5.10 The download process will begin now, where you can see the remaining time before all Spybot's components are downloaded to your computer.

The program components for Spybot are being downloaded now.

5.11 Now comes an important part: the installer is prompting you to select a location where the spyware detection rules will be downloaded. Leave the default location, to avoid any possible problems. These detection rules are crucial for Spybot in order to perform a successful spyware/adware search & destroy operation. Without having the newest information on spyware, Spybot isn't very useful, much like an outdated antivirus program. Click Install to continue.

The detection rules used to find spyware and adware will be downloaded now.

5.12 Once the installation is complete, you can click the Show details button if you want to see what detection rules were downloaded and installed by Spybot. Click the Close button.

You can see what detection rules were downloaded by Spybot.

5.13 The final step of the installation is here: be sure that the "Run SpybotSD.exe" option is checked. Next, click the Finish button to proceed.

Wrapping up the installation and running Spybot.

5.14 As a final warning, Spybot notifies you that the removal of advertising robots (i.e. adware garbage) may disabel the use of their host programs. Personally, if I find out that a program I have installed on my computer is using advertising robots, I uninstall it promptly and erase any files associated with it. Check the option to hide this notice in the future (otherwise it will be displayed every time you start SpyBot which is annoying) and click the OK button.

Removing advertising robots from your system may affect the programs that are using them.

5.15 Pay close attention to this and the next few steps: The Spybot main window will show up, but you still can't use it. Read below why.

Spybot - Search and Destroy is loaded now.

5.16 To the left and up from the main Spybot window, a smaller window will appear:

Spybot will make a backup of your registry now.

Here, Spybot is offering you to make a backup of your system registry. This is very important, for the following reasons:

  • While scanning for spyware, Spybot is making a thorough search of your registry for any signs of infection.
  • The registry is the heart of the Windows operating system. It is here that the information on every program that you have ever installed or used is being stored.
  • The registry manages the processes that are being executed at Windows startup. These can include malicious ones, if malware found a way to infiltrate the registry.
  • Once the scan is over, you will be prompted to remove the spyware if any was found. This includes the one found in the registry.

So if the registry gets damaged in any way or another, your computer might experience severe problems or may even become unable to start Windows. Spybot is able to repair any damages caused to the registry from spyware/malware by restoring the original information from the backup. Although a complete spyware disaster scenario is unlikely to happen in majority of cases, making a backup of your registry is a good safety precaution. Before doing that, check out the following:

  • No other programs than Spybot should be running.
  • Turn of your screensaver if you have it enabled.
  • Don't do anything with your computer until the backup process is over — Spybot might crash!

5.17 Click the Create registry backup button.

Starting the registry backup procedure.

Now, Spybot will begin the backup process, although this won't be visible. You just have to wait for a few minutes until the process is completed. How do you know that this process is actually running? Well, the Next button (see below) will become greyed-out and unclickable.

The next button will be turned off while Spybot is backing up the Windows registry.

5.18 The Windows registry backup is complete only when you see this button become active (green) again. Spybot will not advance to the next step by itself, so do not make the mistake of clicking the Create registry backup button again, just click the green Next button.

5.19 Click the Search for updates button to make Spybot look out for any available updates.

Searching for available updates.

5.20 After the search was performed, you will notice that the main program window is displaying all the available updates.

The available spyware and malware detection rules updates are shown.

5.21 Instead of trying to select everything in the main Spybot window, go back to the small window and click the Download all available updates button.

The button for downloading updates in Spybot.

Once this is over, Spybot will close and restart itself to integrate the new spyware search data.

How to find and remove spyware and adware with Spybot - Search & Destroy

Tuesday, December 19, 2006

Scanning and cleaning your Windows machine with Ad-Aware

Previous page: Modifying and adjusting Ad-Aware settings for a thorough scan

    You will now initialize the scanning process. However, before that, I recommend that you do the following:

    • Disconnect from the Internet. This is just to prevent your computer from downloading any updates which it usually does from time to time, like Windows updates, antivirus software updates etc. Ad-Aware's scanning process takes considerable resources and puts your hard disk to intense use. The scanning would slow down if anything were to be downloaded or installed during that time.
    • Also because of reasons specified above, do not surf the Web or use any other programs during the scan. Even if you tried, you would have difficulty doing so (even on a powerful machine with lots of RAM, a good processor, etc).
    • Turn off your screensaver if you have it running on your system. If you don't do that, it will eventually become active, and when you press a key or move your mouse to turn it off, the Ad-Aware program window might be displayed completely black and it will take him some moments to show itself properly again (to come "to its senses", to say so).
    • The scanning process itself may last 5, 10 or even 20 minutes, depending on the size of your hard disk(s) and the number of files stored inside them. So grab a good book or clean that mess in your room which was neglected for a long period because there was always something to do on your computer ;-).

    4.1 Click the Next button.

    Starting the scan for spyware.

    The scanning process will begin. Ad-Aware will be displaying the number of files that have been scanned for spyware, malware and other bugs in the program window's upper right part. During this, the number of spyware objects that have been found will be displayed and updated from time to time, with the total number being shown once the scanning has reached its end.

    The search for adware and spyware has begun.

    4.2 Once the scan is complete, Ad-Aware will show you how many spyware objects it has found, and what level of risk they pose. Click the Next button.

    The amount of malware and spyware found during scan.

    4.3 As you can see, Ad-Aware shows you two groups of objects it has found during the scan: the critical ones and the negligible ones. Let me show you first the bad ones, so click on the Critical Objects tab (see 1 on the screenshot below).

    The list of spyware objects found, both the critical and negligible ones.

    4.4 Here you can see a detailed listing of all critical objects found during the scan. The Name column tells you the kind of object you are dealing with — the image below shows tracking cookies only, but there are cases (on really infected computers) in which some other values will appear, like changes to the Windows' registry and other kinds of malware.

    The column that you should give a look at is the Object column (the rightmost on the image below). Here you can see exactly which websites' cookies were identified as spyware. Maybe you are visiting one of these websites on purpose and you don't want Ad-Aware to delete this cookie, so you shouldn't select it for removal. To see how to do this, proceed to the next step.

    The list of critical spyware/adware/malware objects found during system scan.

    4.5 Right-click on any of the checkboxes in the first column and in the menu that shows up, click the "Select All Objects" option.

    Selecting the spyware objects that are going to be removed from the system.

    4.6 All the critical objects are selected for removal now. Click the Negligible Objects tab.

    The spyware/adware that is going to be cleaned is selected.

    4.7 The negligible objects are those that Ad-Aware considers harmless. If you look at the Type column, you'll see that they all have the same label: MRU List, which stands for Most Recently Used List. These are the lists of files and documents that were recently used and viewed by various programs. For example, among these lists is the one found when you click on the Start button in Windows and then go to My Recent Documents option. Or when you click the File menu in Word for example, you will see the documents that were recently edited or viewed.

    If you need these lists, don't check these objects in Ad-Aware. If not, go ahead and select them all like you did for the critical ones in previous steps.

    The list of negligible objects that turned up after the search for spyware.

    4.8 Finally, click the Next button.

    The button that will start the adware/spyware removal process.

    4.9 You will be presented with a final confirmation window — click OK to remove spyware from your system.

    After confirming the choice, all adware will be cleaned from the Windows operating system.

    Once you do that, Ad-Aware will first quarantine all the objects that were selected for removal and will delete them after that.

    Fine! You have just cleaned many nasty and dangerous critters from your machine, but not all of them, which you will see once you run Spybot - Search & Destroy. Click on the link below to see how to do just that.

    How to download, install and update Spybot - Search & Destroy

    Modifying and adjusting Ad-Aware settings for a thorough scan

    previous page: Downloading, installing and keeping up-to-date Ad-Aware SE

      Before you start the actual scan, you must configure Ad-Aware in such way that it can thoroughly search your hard disk(s) for any possible spyware/malware/adware intrusion.

      3.1 Click the Start button.

      The first step before scanning for adware.

      3.2 Ad-Aware is now asking you to select a scan mode. First, make sure that both the search for negligible risk entries and low-risk threats options are checked — see items marked with 1 and 2 in the image below. Select the "use custom scanning" option (see 3 below). Do not click on the Next button yet! Instead, click the Customize option (see 4 below).

      Selecting a methof of scanning your system for spyware.

      3.3 The General Settings window will pop up. Make sure that all three options in the Safety section are checked (see 1 on the image below). Also, the outdated definitions update found under the Definitions section must be checked (see 2).

      If you want, you can lower the number of days when Ad-Aware will automatically remind you to check for available updates. 14 days is the default option. The "Write logfiles to" option shows the path to the location where all logs are stored after a scan is performed. Write down this location or change the path to a location on your computer where you will easily find these logs. You never know if you'll need them — in case a severe problem shows up, you may consider retaining these logs so that you can email them to someone that might help you or to post them on web boards and forums where you can get help.

      Finally, click the Scanning button (3).

      General settings for Ad-Aware.

      3.4 Select the drives you want to scan for spyware. Select all the hard disks available on your computer (see 1 on the screenshot below), including any removable ones. Floppy and CD drives can be left unchecked — in majority of the cases, these do not get infected with spyware. To make sure that they really don't get infected, you should have an antivirus program installed on your system (this is a must for any computer).

      Once you have checked all the locations you want Ad-Aware to scan, click the Proceed button (2).

      Selecting the disks you want Ad-Aware to scan through.

      3.5 Click the Advanced button (see 1). Check the "Move deleted files to Recycle Bin" option under the Shell Integration section (see 2). If you want, you can add the option to scan files with Ad-Aware inside Windows Explorer (the second option in the Shell Integration section). This is rarely needed, as spyware tends to install itself in system folders, which are rarely browsed. When you download files from the Web, your antivirus program will usually notify you of any potential risks, so there is no need to turn on this option.

      Check all the three options under the Logfile Detail Level section (see 3). Finally, click on the Defaults button (see 4).

      The advanced settings inside Ad-Aware.

      3.6 Remove (delete) both the Default homepage and Default searchpage options (see 1 and 2 on the screenshot below). They should be left blank. Next, click the Tweak button (see 3).

      Removing the default options for Ad-Aware.

      3.7 Expand the Scanning Engine option (1). Do the following:

      • Make sure that the first and the fifth options (Unload recognized processes and Scan registry for...) are checked.
      • The options which are marked with a cross on a red background in the screenshot below) should be left that way.
      • The option that is checked but on agrey background (Ignore spanned files...) is available if you purchase the commercial version of Ad-Aware. Don't worry, Ad-Aware will function perfectly regardless whetheryou are able to tweak this option or not.

      Once you are finished with the Scanning Engine settings, expand the Cleaning Engine option (2).

      Adjusting the settings for the scanning engine.

      3.8 Under the Cleaning Engine settings, make sure that the options marked with 1, 2, 3 and 4 on the image below are checked. There are cases when Ad-Aware will ask you to reboot your computer to be able to remove some malware which was found during the scanning process. Also, it may require to close Windows Explorer and Internet Explorer to be able to clean your system, because if these two are open, some processes are running and they need to be shut down so that the cleaning operations could be performed. Hence the need to chek all these options.

      The greyed-out options and the last option (Disable manual quarantine) should be left as displayed in the screenshot below.

      Modifying the cleaning engine settings in Ad-Aware.

      3.9 Expand the Misc Settings option found at the bottom of the options list (1). Leave the Dump details... option unchecked and if you want, check the Play sound... option. The latter will enable Ad-Aware to play a sound if critical objects are reported to be found at the end of the scan. This is optional.

      There! You have just made all the needed adjustements for Ad-Aware to run a thorough scan through your Windows system. Click the Proceed button (2).

      Miscellaneous settings inside Ad-Aware Tweak Settings.

      3.10 You will be presented with the following screen:

      Ad-Aware is ready to make a comprehensive system scan now.

      Do not click the Next button yet! There are some important things to be made before the scan starts. Please proceed to the next page of this guide by clicking on the link below to see what remains to be done before you can start the actual scanning process.

      Next part: How to scan for and clean spyware from your Windows system with Ad-Aware

      Monday, December 18, 2006

      Remove adware and spyware from your Windows machine using Ad-Aware and Spybot - Search & Destroy

      In this easy visual guide, I will show you how to remove spyware, adware, malware and other annoying and possibly dangerous bugs from your Windows computer. To successfully do this, you will need two applications that are available for free for personal use: Ad-Aware SE from Lavasoft and Spybot - Search & Destroy from PepiMK Software.

      Both of these great applications are needed to effectively protect your Windows machine from spyware, because one does not detect everything that the other does, and vice-versa.

      This guide is divided into six parts:

      1. What is spyware, adware and malware?
      2. Downloading, installing and keeping up-to-date Ad-Aware SE
      3. Modifying and adjusting Ad-Aware settings for a thorough scan
      4. Scanning and cleaning your Windows machine with Ad-Aware
      5. Downloading, installing and updating Spybot - Search & Destroy
      6. Scanning for and removing possible threats with Spybot - S & D

      1. What is spyware, adware and malware?

      If you happen to see many windows which pop up as soon as you are connected to the Internet and start surfing the Web using a browser, chances are that your computer is infected with spyware. Also, a slower Internet connection may also be a sign of an infection. The worst thing that can happen is when spyware opens the doors for trojans and viruses that can do severe damage to your Windows system. How does this happen?

      When surfing the Web, you are following links that lead you from one website to another. Some of websites out there have scripts (programming code) that are being executed upon the arrival of a visitor. A great number of websites leave cookies (small pieces of data) on your computer. A cookie serves to keep track of your visits to a website. If you have browsed Amazon's store a few times, you may have noticed that the website has suggestions for you based on your previous searches. That happens thanks to the cookie which is stored on your computer.

      But, if any of these scripts happen to be malicious, they try (and some succeed) to get inside your operating system and leave a bug inside: This bug then proceeds to collect your personal data, which in turn gets sent to spammers and people trying to sell you stuff that you don't need and after some time, you are not able to surf the Web normally because of the sheer number of pop-ups that begin to show up. This is often called adware, because these pop-ups contain advertising inside them.

      Malware is software that is a virus or installs viruses, worms or trojan horses inside your operating system, which then proceed to erase your data, make your computer reboot, try to connect to the Internet automatically and so on. A real disaster involves malware that if installed on your computer, can track your keyboard clicks: this kind of software is called a key logger. A key logger saves data while you use your computer, sending the sequences of the keys you pressed and sometimes even screenshots to evil-minded individuals, who have the possibility to see your passwords for various websites and/or e-mail accounts, credit card numbers etc.

      All of the above scenarios involve software that is sometimes called adware, spyware or malware. These terms are often used interchangeably. They are all annoying and dangerous. I will show you now how to get rid of these.

      2. Downloading, installing and keeping up-to-date Ad-Aware SE

      2.1 To begin, download Ad-Aware SE for free from Download.com. The size of the installation file is about 2.7 MB, so it won't take long to download it, even if you are on a slower connection. Save it somewhere where you will find it fast: usually it is the desktop, or maybe the My Documents folder if you have set it as the default location for all your downloads.

      2.2 Once the download is completed, find and double-click the aawsepersonal.exe file. The installation will begin automatically.

      Beginning the installation of Ad-Aware

      2.3 The image below shows the Ad-Aware installation startup screen. Before you click the Next button, it is recommended that you close all the Windows programs that are currently open. Also, consider shutting down your antivirus program, as it might possibly detect Ad-Aware as a harmful program, which it is not. Some antivirus programs (for example, NOD32) don't have any problems with you installing Ad-Aware.

      Starting the installation of Ad-Aware.

      2.4 Read the License Agreement: you should be aware (no pun intended) that Ad-Aware is free for personal use. If you agree with the terms, check the "I accept the license agreement" option and click Next.

      The Ad-Aware legal agreement.

      2.5 The installer will prompt you to choose a location for installing Ad-Aware. If you don't have a specific reason to install the program in a particular location, it is best to leave the default setting. Most Windows programs tend to work best if the default parameters were selected during installation. If you are not well skilled with a particular program or the Windows operating system itself, you might have trouble figuring later what to do in case that something shows up and the default locations weren't selected. Again, click Next.

      Selecting the location for installing ad-aware.

      2.6 You will now be presented with the option to install the program for the current user only (you) or to make possible for anyone who is using the computer to be able to use Ad-Aware. You never know when something might happen — someone needing to quickly eradicate spyware from the machine, or maybe you losing the password for your account temporarily. Selecting the option that enables anyone to run Ad-Aware is reasonable. Click Next.

      Selecting if the program will be used by all accounts on a computer or a single one.

      2.7 As the last step in the installation, three options are presented to you. Make sure to check the "Update definition file now" option. By doing this, the installer will automatically download the latest updates and defintions needed to fight the newest spyware and adware. Uncheck the "Perform a full system scan now" option, because you will be making setting the options for a custom scan later. Uncheck the "Open the help file now" option too, as you don't need to go through it now. Before clicking the Finish button, make sure that you are connected to the Internet. If your computer isn't connected to the Internet and you proceed, Ad-Aware won't be able to download the updates, and the scanning becomes much less effective, if not futile. Also, Ad-Aware sometimes becomes unresponsive and crashes if you order it to get the updates and there is no Internet connection available!

      The last step of the installation.

      2.8 Zap! The installation is finished and you will soon see a small window pop up where Ad-Aware is showing how much remains for the updates to be downloaded. If you look at this window, you will see that the currently installed definitions file (the one included with the downloaded installer) is dating back to the first half of 2005! That's why I stressed the importance of having a live Internet connection so that the updates can be downloaded. A year and a half (this guide is made at the end of 2006) in Internet time means decades. There was so much new spyware, adware and other garbage made during that period of time that having an outdated definitions file means your program is as good as dead. You will see that new spyware gets produced on a daily basis because Ad-Aware will very frequently prompt you to download updates — it reminds you to do this automatically, which is excellent.

      Ad-Aware is downloading the latest updates against spyware and malware.

      Click on the link below to go over to the next page and see how to set up Ad-Aware for optimal performance.

      Next part: How to modify and select the settings in Ad-Aware for a powerful scan