
- Is Your Computer Secure? -

One issue that is becoming more and more of a concern on the Internet these days is the whole area of viruses, hackers, spyware, adware, and browser hijackers.

Simply put, spyware is any software that has found its way onto your computer system, usually (but not always) by stealth, that "watches" what you are doing. At the most mundane level, it's usually "adware" (a term coined from "advertising software") and comes about because of greedy marketing tactics. At the more serious level it can be software that is designed to report back every keystroke and mouse click you make and thus can be used to steal passwords, credit card details, and other sensitive information that you would not want revealed.

Most of the time, this stuff gets onto your computer as a result of having visited certain websites or having downloaded certain programs. Unfortunately, some well-known free downloads contain much more than is usually bargained for.

As the presence of this sort of thing rises, so does the determination of users to rid themselves of it. There are a few antispyware programs on the market, and this article is aimed at helping you detect and remove such malware without having to pay out any money, even if you don't have much computing experience.

Please note that although trojans (Trojan Horses) should be removed by regular anti-virus software, some of them do not fall within the definition of "virus" as given by the anti-virus software providers, thus running a virus scan will not always rid you of such menaces.

So, what can you do to make sure you don't have anything on your system watching where you go, what you do, and tracking you all over the Internet?

Firstly, despite what I've said above, you must get hold of a good antivirus package if you don't already have one. Viruses are a real security threat and if left unchecked a virus can (and usually will) do untold damage to your system, including compromising its security. Make sure you keep it up-to-date as well: given the choice between running a full virus scan using two-year-old virus definitions and not bothering at all, you'd do better to not bother. It'll do no more than waste your time.

For a good, free anti-virus package you can use AVG AntiVirus; it's pretty good since it doesn't cost a bean! Grisoft does, of course, offer a paid solution as well that will inevitably be far better, but for the free version you get a fully functional piece of software and timely virus updates.
Another good free antivirus product is offered by Avast. Like all programs of this nature, update it immediately after installation to get the latest virus definitions and have it perform a full system scan. It will then rid you of all the latest virus threats as well as any older ones.

The next thing to consider is getting a firewall. A firewall is a program that "shields" you while you're on the Internet, making it harder for hackers to get in and steal valuable information with you being blissfully unaware. You tell it what programs are allowed to access the Internet (if this is not done for you by the firewall setup), and any other programs must ask for permission from you before they can make a connection. The one I use is the free version of Zone Alarm, produced by Zone Labs. Another very good firewall that is free for personal use is the Sygate Personal Firewall. Some prefer one over the other, but they're both good solutions. Be sure to follow the instructions for use once downloaded and installed - if you're a novice this can be a bit daunting at first.
Unlike anti-virus packages mentioned above, firewall software does not need continually updating although it is definitely worth checking from time to time to see whether a program update is available.

Now we come to the spyware and adware issue. This area is less well-developed than the areas mentioned above, but is still very real and often extremely troublesome. One easy way to determine whether you may have spyware and/or adware on your system is to determine whether you are experiencing any of the following:
  1. Your computer has suddenly started working much slower than it ever used to.
  2. You get pop-up ads on sites that do not usually deliver pop-up ads (such as Google).
  3. Your homepage has been changed to something unwanted, and nobody using the computer has changed it.
  4. If you mistype a website address, you get redirected to an unwanted site or search engine.
  5. Your homepage keeps getting changed to an unwanted site, even after you have changed it back.
  6. There is a search bar on your browser that you don't remember installing.
  7. Some "free" software, such as a file-sharing program, has been installed.
  8. The computer has been / is being used for downloading from pornographic websites.
  9. The Internet options panel is disabled and you can't change your homepage.
  10. Attempting to visit certain reputable sites results in being redirected to a different search site or a pornographic site.
  11. You've got a number of unwelcome websites in your Favourites list.
  12. Sites have been added to your "Trusted Zone" that you don't recognise and certainly don't remember adding.
  13. Visiting some anti-spyware sites causes your browser to be closed down.
  14. Some anti-spyware programs are closed down as soon as they are run.

This list is by no means exhaustive, but if you've answered some of those in the affirmative you may want to read on. Spyware and adware can be very tricky to remove, but don't worry; help is at hand!

Before going any further, I need to ask you a question: Do you use file-sharing (peer to peer, often abbreviated to P2P) software such as KaZaA? If so, please note that many of the free versions of such software come bundled with a lot of advertising software, and removing this may violate your EULA (End User Licence Agreement) or render your P2P program unusable. This is because, although the P2P programs are not targeted for removal by anti-spyware software in and of themselves, they might detect when their associated adware has been removed and may thus refuse to work. They may take you to a webpage advising you to redownload all the adware to "fix" your installation.
If this happens, you have a number of choices open to you: In the specific case of P2P software, please see this article at SpywareInfo.com for a good write-up of what to choose and what to avoid.

OK, with that out of the way, here are a few guidelines for cleaning your system up and remaining clear!

Firstly, download the free Spybot Search and Destroy, written by Patrick M. Kolla. Once installed, update it immediately and then have it check for problems. Everything that needs fixing will be highlighted in red, so get it to fix everything it highlights in this way. If you are able to run the program OK (which will usually be the case), please click here to continue.

If Spybot Search and Destroy was closed down automatically as soon as you ran it, then you've got a certain piece of malware on your system known as Smartfinder. This will need removing immediately, and to do this please download and unzip the free CoolWWWSearch.SmartKiller MiniRemoval tool. Close all other applications down, and run this tool. When done, exit the tool and reboot your system. You should then find that Spybot Search and Destroy will run OK. Update it and have it scan your system in the manner described above.
 
Secondly, get hold of the free Ad-aware - it is produced by a company called Lavasoft. Install it and run it. If it runs perfectly OK without closing down immediately, please click here, otherwise please read on.

Ad-Aware is also a target of the same Smartfinder referenced above. Because the tool mentioned above completely removes it, you should find that Ad-Aware will work properly. However, if this is not the case, please download the free Ad-Aware Cloak, again from Lavasoft, and run it prior to running Ad-Aware itself.
 
Once Ad-Aware is running, immediately check for updates using the Live Update feature. Update the "reference file" - the definitions file it uses to recognise different targets for removal. Have it remove everything it identifies as a threat on your system; much of what it finds will be what are called "tracking cookies".

Please see here (new window) for full details on obtaining effective scans using both Spybot Search and Destroy and Ad-Aware.

Once the scan has completed, exit Ad-Aware, followed by Ad-Aware Cloak if you needed to run it. Reboot your system to effect a full and final removal of the items it identified.

Treat these pieces of software as you would your anti-virus software; i.e. update them as regularly as you would your anti-virus software, remembering that they work on a different type of target.

These two programs used in combination form a very effective spyware repellent, and will alone rid you of most of the malware that may have crept onto your system. However, there are a few more pernicious ones that require some special attention.

CoolWebSearch has become a much-hated name in the anti-spyware community, and it's not difficult to see why. It is a browser hijacker that has been modified many times by its creators, and has probably been modified a few times while this article was being written. It hides in the most unexpected places on your system, and often hijacks browsers to unwanted search sites and pornographic sites. If you find that you're getting this kind of thing even after a full clean-up with Spybot Search and Destroy and Ad-Aware, chances are you've got a CoolWebSearch infection. In fact, you may have observed that the Smartfinder problem dealt with above is actually a variant of CoolWebSearch!

To remove this, download and run the free CWShredder. This tool, specially designed to eradicate CoolWebSearch from people's computers, was written by Merijn Bellekom, a Dutch developer who is very active in the anti-spyware community. It has now been sold to InterMute, who make a paid product called SpySubtract.

Once downloaded, unzip it. Close all other applications down and run it. Click on Fix (as opposed to Scan Only) and let it run its course. When done, it will advise you of what it has removed (if anything). Exit CWShredder. If it has removed anything, you must reboot your system to effect a complete removal.

There are a few other things that are beyond the scope of this article to deal with; however just following the guidelines here should get you pretty much freed up. If you think you may have further problems not dealt with here, then there is one more course of action you can take.

Download HijackThis, and install it into its own folder (it is very important that you do NOT run it directly from the desktop, zipped location, or any other temporary location should you need to use it to fix anything). (Again, if that location fails then try this instead.) There is a tutorial there on how to use it and deal with scan results, but here are the basics:
  1. Click on Scan to have it scan your system and check for potential problems.
  2. The scan will only take a few seconds.
  3. The Scan button will change to Save Log. Click on this and you will be prompted where to save the log file. After saving the log, a Notepad session will open containing the scan results.
  4. Very Important! Please do NOT, whatever you do, attempt to have it fix anything at this stage. Much of what it lists is either harmless or essential to the running of your system, and going it alone could result in worse problems than you're trying to resolve.

Take a look at the HijackThis tutorial at the download location, and deal with anything you feel comfortable with. If in doubt over anything at all, don't fix it! Also, whatever you do, do not fix anything on a "let's-try-this-and-see-if-it-works" basis as this could lead to an unusable system!!
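To help with reading a saved log before asking about it, the following added example (not part of HijackThis or of the original article) groups the log's result lines by their section code and lists the sections that relate to symptoms described earlier, such as homepage changes and Trusted Zone additions. The sample log is constructed, the function names are hypothetical, and the script only reads the log; it fixes nothing.

```python
import re
from collections import defaultdict

# HijackThis section codes that correspond to symptoms listed in this article.
SYMPTOM_SECTIONS = {
    "R0": "browser start or search page setting",
    "R1": "browser start or search page setting",
    "O1": "hosts file redirection",
    "O2": "browser helper object",
    "O3": "browser toolbar",
    "O6": "Internet options locked",
    "O15": "site in the Trusted Zone",
}
ENTRY = re.compile(r"^([A-Z]\d{1,2})\s+-\s+(.*)$")

# Constructed sample log, not taken from a real machine.
SAMPLE_LOG = r"""Logfile of HijackThis (constructed sample)
Platform: Windows XP
Running processes:
C:\WINDOWS\System32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.example/
O1 - Hosts: 203.0.113.7 www.example.com
O4 - HKLM\..\Run: [ExampleAV] C:\Program Files\ExampleAV\av.exe
O15 - Trusted Zone: *.unwanted.example
"""

def parse_log(text):
    """Group result lines by section code; header and process lines are skipped."""
    sections = defaultdict(list)
    for line in text.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            sections[match.group(1)].append(match.group(2))
    return dict(sections)

def entries_to_ask_about(sections):
    """List (code, meaning, entry) for symptom-related sections. Read-only."""
    return [(code, SYMPTOM_SECTIONS[code], entry)
            for code in sorted(sections) if code in SYMPTOM_SECTIONS
            for entry in sections[code]]

if __name__ == "__main__":
    for code, meaning, entry in entries_to_ask_about(parse_log(SAMPLE_LOG)):
        print(f"{code:4} {meaning}: {entry}")
```

An entry appearing in this list is not proof of infection; it is simply a line worth mentioning when you ask for help with the log.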

Visit the security forum at a technical site such as one of the following:-
Register if required, read up on any prerequisites, and find the appropriate place to ask about your log. You will almost certainly need to start a new thread, maybe providing the following information:

But do read the prerequisites: for example, some forums may not want to see a HijackThis log until certain other procedures have been followed. Someone will see your thread and give directions as to what to do in order to get you clear. This may be an iterative process involving multiple postings of HijackThis logs into your thread.

Even if you think you've zapped the lot, it may be worth going to one of those forums to get an expert to give you a quick "check-up" - some baddies hide in your system and it often takes a trained expert to pinpoint any remaining items that need to be dealt with.

Once you're clear, you'll probably be asking how you can remain free of spyware in the future. There are a number of steps you can take here, so I'll outline a few more good free solutions.

Firstly, ensure you are up to date with ALL the Critical Updates from Microsoft. A lot of viruses, spyware, browser hijackers, and adware install themselves stealthily by exploiting security loopholes within Windows and Internet Explorer themselves. There should be a link to Windows Update in your Start menu, but if not you can get there by following this link: Windows Update. It is essential you do this from time to time even if you do not use Internet Explorer as your Web browser. In many cases, you must use Internet Explorer for your Windows updates though. This will help prevent some of the stuff you've just got rid of from being able to return.

Secondly, use the Immunise feature of Spybot Search and Destroy. The program's database contains a list of known bad websites, and it adds these to a system file which controls what sites you have access to. The known bad sites are added in such a way as to block them from being accessed on your computer. As an added bonus, you will also find that some other sites become free of banner advertising from certain third parties as the banners are prevented from being downloaded. This will have the effect of speeding up your browsing experience!
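The following added example (not Spybot's code and not from the original article) assumes that the "system file" described above is the Windows hosts file, which the article does not name. It separates entries that block a site by pointing it at the local machine from entries that send a site name to some other address, which is what the redirection symptom in the earlier list looks like. The sample file contents and function name are constructed.

```python
import ipaddress

# Constructed sample hosts file; addresses use documentation ranges.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1   localhost
127.0.0.1   ads.tracker.example    # blocked by a protection tool
0.0.0.0     popups.example
203.0.113.7 www.search.example www.bank.example
not-an-address broken.example
"""

def audit_hosts(text):
    """Return (blocked, redirected) from hosts-file text.

    blocked: names pointed at the local machine, so they cannot load.
    redirected: (name, address) pairs pointed at another machine.
    """
    blocked, redirected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # skip malformed lines
        for name in fields[1:]:
            name = name.lower()
            if name == "localhost":
                continue                         # standard entry, not a block
            if addr.is_loopback or addr.is_unspecified:
                blocked.append(name)
            else:
                redirected.append((name, str(addr)))
    return blocked, redirected

if __name__ == "__main__":
    blocked, redirected = audit_hosts(SAMPLE_HOSTS)
    print(f"{len(blocked)} blocked name(s)")
    for name, addr in redirected:
        print(f"check: {name} is sent to {addr}")
```

A long blocked list is expected after immunising; the redirected list is the part to question, especially if it contains a site you actually use.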

Next, you can download Spyware Guard from Wilders Security. This works just like an anti-virus package, except it targets spyware instead of viruses! Thus it will prevent spyware from ever being installed onto your system in the first place. Nice, eh?

Another program you can use is Spyware Blaster, also from Wilders Security. This works differently from Spyware Guard, and the end result is to prevent spyware from getting onto your system by "killing" it before it even gets there!

Did you know that Windows itself also tracks your activities? It keeps logs of activities in MRU (Most Recently Used) lists. Again, Wilders Security has a solution to this with its MRU Blaster package. This can be set to scan every now and again (such as every 5 minutes or once every hour) and clear such lists down.

Finally, there is System Security Suite - a suite for clearing down the various other lists kept by Windows, and also deleting those dreaded "index.dat" files as well as many temporary files. A word of caution here though: some of the lists kept by Windows may actually be quite useful, so using this (or any other) program to zap them will result in having to build up the useful lists from scratch again!

It's worth re-iterating that you'll need to keep much of this software up-to-date with the latest definitions, just as you would your anti-virus package. In the case of Spybot Search and Destroy and Ad-Aware, update and run a scan every now and again - say once a week, and have it fix anything it highlights as a threat, exactly as before.

There are official support forums for Spybot Search and Destroy at Net-Integration.net, and for Ad-Aware at Lavasoft's Support Forums. You can receive support at both for other malware-related issues as well.

I think that's all I want to say in this article; whichever programs you go with may need updating from time to time, so read the documentation as to what is required for each one. Hopefully, if you've stayed with this article, you'll be MUCH more aware of the dangers lurking for unsuspecting surfers, but now you'll know what to do, and maybe even how to help a friend in need.....
