How to get rid of spyware/ adware from your computer
If your computer is infected by spyware or adware, it may run slower or redirect you to other sites (i.e. clicking a link takes you to a site other than the one you were looking for). Problems of this kind indicate that your computer is infected by spyware or adware.
This article explains how to eliminate spyware or adware from your computer.
Procedures:
Please follow the steps below in order to eliminate the infection and clean up your computer:
1. Download the "HijackThis" Installer from this link and install it. Then, create a log file of possible malware with HijackThis so you can analyze the results.
2. Download Pocket KillBox, Spybot - Search & Destroy (available free) and BlackLight Rootkit (detects objects that are hidden from users and security tools). You will need them later to delete parasite-related files and folders.
You can download Spybot - Search & Destroy from The home of Spybot-S&D! and BlackLight from here.
Note: Unless you are an expert computer user, you may wish to create a log file of the possible malware HijackThis finds and then either analyze the entries yourself (if you are able to do so) or report the information to a computer expert or a computer security support website for possible help.
3. Use HijackThis to fix suspect entries: check the items you suspect, close all browsers and windows except for HijackThis, then click the Fix Checked button. Reboot after fixing.
4. Clean all your Cookies, Recycle Bin and Temporary Internet Files.
5. Run the PANDA online virus scan (available at http://www.pandasoftware.com/products/activescan.htm):
- Once you are on the PANDASCAN site, click the Scan your PC button.
- A new window will open; click the Check Now button.
- Enter your Country.
- Enter your State/Province.
- Enter your e-mail address and click send.
- Select either Home User or Company.
- Click the big Scan Now button.
- If it wants to install an ActiveX component, allow it.
- It will start downloading the files it requires for the scan (Note: it may take a couple of minutes).
- When the download is complete, click on Local Disks to start the scan.
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report, and save it to a convenient location.
Finally, restart your computer once more.
OR
Run the EWIDO anti-spyware micro scanner (available at http://www.ewido.net/en/onlinescan/).
For EWIDO:
- Before running the Ewido scan, please make sure your browser settings allow ActiveX controls. If your browser has ActiveX controls disabled, enable them with the steps below:
1. Click on Tools > Internet Options > go to the Security tab > select Internet > click on Custom Level.
2. Enable the following components related to ActiveX controls:
a) Run ActiveX controls and plug-ins.
b) Script ActiveX controls marked safe for scripting.
6. Once in Safe Mode, use Pocket KillBox, which helps to delete those annoying files that will not let themselves be deleted, no matter what you do.
7. Now run the Spybot program; it will detect and remove the spyware/adware infection from your computer. Reboot your computer.
8. Then run BlackLight Rootkit to scan your computer for rootkits. BlackLight is a tool that detects files, folders and processes that are hidden from the user and other programs, and it is also able to remove hidden malware by renaming it.
A BlackLight Rootkit log looks like the one given below:
05/19/08 15:21:49 [Info]: BlackLight Engine 1.0.70 initialized
05/19/08 15:21:49 [Info]: OS: 5.1 build 2600 (Service Pack 2)
05/19/08 15:21:49 [Note]: 7019 4
05/19/08 15:21:49 [Note]: 7005 0
05/19/08 15:21:56 [Note]: 7006 0
05/19/08 15:21:56 [Note]: 7011 1776
05/19/08 15:21:56 [Note]: 7035 0
05/19/08 15:21:56 [Note]: 7026 0
05/19/08 15:21:57 [Note]: 7026 0
05/19/08 15:22:02 [Note]: FSRAW library version 1.7.1024
05/19/08 15:33:45 [Note]: 2000 1012
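To compare the log from a first scan with the log from a re-scan, it helps to split it into entries first. The Python sketch below is an added example, not part of the original article or of F-Secure's tooling; it parses the sample log shown above. The function names and the rule that only the Info and Note levels are routine are assumptions made for this example.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

TS = r"\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}"
# One entry is "MM/DD/YY HH:MM:SS [Level]: message". The lookahead ends a message
# at the next timestamp, so a log pasted as one long line still splits cleanly.
ENTRY = re.compile(rf"({TS}) \[(\w+)\]: (.*?)(?=\s*{TS} \[|\s*$)", re.DOTALL)

# Assumption: the two levels visible in the article's sample are routine.
ROUTINE_LEVELS = {"Info", "Note"}

# The sample log from the article, run together the way a pasted log often is.
SAMPLE = (
    "05/19/08 15:21:49 [Info]: BlackLight Engine 1.0.70 initialized "
    "05/19/08 15:21:49 [Info]: OS: 5.1 build 2600 (Service Pack 2) "
    "05/19/08 15:21:49 [Note]: 7019 4 05/19/08 15:21:49 [Note]: 7005 0 "
    "05/19/08 15:21:56 [Note]: 7006 0 05/19/08 15:21:56 [Note]: 7011 1776 "
    "05/19/08 15:21:56 [Note]: 7035 0 05/19/08 15:21:56 [Note]: 7026 0 "
    "05/19/08 15:21:57 [Note]: 7026 0 "
    "05/19/08 15:22:02 [Note]: FSRAW library version 1.7.1024 "
    "05/19/08 15:33:45 [Note]: 2000 1012"
)

def parse_log(text):
    """Return a list of (timestamp, level, message) tuples."""
    return [(datetime.strptime(ts, "%m/%d/%y %H:%M:%S"), level, msg.strip())
            for ts, level, msg in ENTRY.findall(text)]

def summarize(entries):
    """Pull out what is worth comparing between a first scan and a re-scan."""
    def field(pattern):
        for _, _, msg in entries:
            found = re.search(pattern, msg)
            if found:
                return found.group(1)
        return None
    span = entries[-1][0] - entries[0][0] if entries else timedelta(0)
    return {
        "engine": field(r"BlackLight Engine (\S+)"),
        "os": field(r"^OS: (.+)$"),
        "duration_s": int(span.total_seconds()),
        "levels": dict(Counter(level for _, level, _ in entries)),
        # Numeric Note codes are not explained in the article, so they are left
        # uninterpreted; only entries at an unfamiliar level are surfaced.
        "review": [e for e in entries if e[1] not in ROUTINE_LEVELS],
    }

if __name__ == "__main__":
    print(summarize(parse_log(SAMPLE)))
```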
HELP: Downloading, Installing and HOW-TO: using the tools
Blacklight:
To download BlackLight, go to ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe and install it. It is a tool that detects files, folders and processes that are hidden from the user and other programs. BlackLight is also able to remove hidden malware by renaming it.
For BlackLight Help, please go to the following page:
http://www.f-secure.com/blacklight/blacklight_help.html
BlackLight creates a log file "fsbl-.log". By default, the log file is in the same directory as the executable.
Pocket KillBox:
a) Download Pocket Killbox: http://www.downloads.subratam.org/KillBox.zip. Place it in a folder on your Desktop.
b) Extract Pocket KillBox from the zip file and double-click on Killbox.exe to run it.
c) In the main screen of Pocket KillBox, go to Tools in the top menu bar, and select: Delete Temp Files.
d) When done, and back at the main screen of KillBox, select the option: Delete on Reboot.
e) Then, in the Full Path of File to Delete box, copy and paste the suspected entry, if any. For example:
C:\WINDOWS\system32\csjrm.exe
- Press the button with a red circle and a white X (Delete File button).
- Click YES at the Delete on Reboot confirmation prompt.
- Click NO at the request to reboot (if you don't have any files to delete, click YES).
f) Do the same for each other file, and select No at the request to reboot!
g) On the last file, close KillBox and Notepad, and reboot the computer!
h) Run HijackThis and post a new log; also run BlackLight again and analyze the log from it.
Once you have done this, if you find any WareOut infection, please follow the instructions below to fix it.
You may want to print out these instructions for reference, since you will have to restart your computer during the fix.
FixWareout:
Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, then make sure "Run fixit" is checked and click Finish. The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
When your system reboots, follow the prompts. Afterwards, HijackThis will launch. If it does, you have nothing to do. Just close the application.
Delete all your cookies (Tools/Internet Options, delete cookies).
* Restart your computer in Safe Mode: start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when you see the Boot Menu.
* When the Windows Advanced Options menu appears, select an option, and then press ENTER.
* When the Boot menu appears again, and the words "Safe Mode" appear in blue at the bottom, select the installation that you want to start, and then press ENTER.
Then run EWIDO. Anything left?
Reboot normally.
For more details, visit http://airakesh.com/blog/archives/2009/11/troubleshooting-how-to-eliminate-spyware-or-adware-from-your-computer/
Responses to the resource: "How to get rid of spyware/ adware from your computer"
Author: Aroma 27 Dec 2009 | Member Level: Silver Points : 1
Hi Aira,
It is a very important resource which can be used to watch and remove your spy from your computer.
Nowadays, this type of spy is very common and get the way when you are working with internet frequently.
Thank you.
regards
Author: Hanly Y Nadackal 16 Jan 2010 | Member Level: Gold Points : 2
I wonder why this article has not been paid. It was a nice article.
With Regards, Hanly Y Nadackal Any problems with Computer?