How-To Remove Spyware

 

3/22/04 Source: Neowin Forums

Spyware: it's a pain. We don't want it, yet it really wants us. Here's a great guide written by Neowin Forums member mAcOdIn on how to remove it, and protect yourself against it in the future.

This article is more of a preventive measure than a fix and will harden Internet Explorer security, but at the same time retain its functionality.

 

First in Tools, Internet Options, Advanced, uncheck "Enable Install On Demand (Internet Explorer)" and "Enable Install On Demand (Other)" and "Enable Third-Party Browser Extensions (Requires Restart)" choose Apply and OK. Also ensure your internet security setting is at least medium (unless you know what you are doing and have made it custom).


Go to http://www.windowsupdate.com and make sure you have all the latest updates.

Then download Suns Java JRE from http://java.com/en/index.jsp (the link you want to hit is the "get it now" in the top right). Running Suns Java protects you because it has less exploited vulnerabilities than Microsoft's Java. Lots of spyware use holes in Microsoft's java to install their spyware, so switching to Sun closes a lot of holes.

Download: Sun Java

Then download Spybot Search and Destroy from http://www.safer-networking.org/ run it and make sure to let it download the newest updates. Now go to Spybots immunize function and under "permanent internet explorer immunity" choose immunize, then under "permanently running bad download blocker for internet explorer" select "ask for blocking confirmation and choose install.

Download: Spybot S&D

Next, download spyware blaster from http://www.javacoolsoftware.com/spywareblaster.html run it and ensure it's fully updated. Now choose "select all" and then hit "Protect Against Checked Items". Just for reference all the items that are in red are items that Spybots immunize doesn't protect you against that's why you should use both programs.

Download: Spyware Blaster  (If you get "page cannot be displayed", try again later.)

Both Spybot Search and Destroy's immunize function and Spyware Blaster are one time settings, these programs no longer have to be running to keep you from getting infected with the stuff they block against. What they do is disallow any active program that was known to them at the time you immunized.  With both Spybot and Spyware Blaster it is important that you check for updates every two weeks or so and re-immunize when new updates are released to stay current. Spybot's other immunize function ("permanently running bad download blocker for Internet Explorer") installs a BHO that will ask you for permission to block other known bad BHO's from installing. BHO's are really not needed and fairly rare and most people only have the adobe acrobat BHO. You could have set this option to always block but I chose "ask for blocking confirmation" for those people that use something that uses a BHO.

Now download both DSOstop2 and HTAstop2003 from http://www.nsclean.com/freebies.html and run both of those. DSOstop2  |  *HTAstop2003
 
 *In addition there's another great free utility that you can run but unlike everything above it has to always be open just like an antivirus program called spywareguard from javacool. You can download it and run it as well to further increase your security against spyware if you choose. It's available here: http://www.wilderssecurity.net/spywareguard.html

Download: Spyware Guard

That should beef things up considerably. Having a good antivirus is also helpful because many of them are starting to add spyware to their definitions, for instance my McAfee 8 caught that spyware was trying to install.

I hope this helps you guys because these settings are pretty solid but at the same time loose enough that you can still have active scripting enabled and activeX. Granted you could disable those as well but at that point you might as well go download an old version of Mosaic browser because it isn't worth using IE with everything disabled.

View: Neowin Forums

 

* A note from the Wise Old Blogger: If HTA Stop 2003 prevents access to User Accounts in your Windows XP Control Panel, then run the program again and "Permit HTA apps".

Do not install Spywareguard if you are already using an Antivirus program.  Spywareguard could render your computer unstartable when combined with Norton Internet Security Pro, for example. However; Spywareblaster, causes no conflicts.

Also, unchecking "Install on Demand" in Internet Options under the Advanced tab could prevent the automatic installation of language files.

 

Neowin.net Articles

Ad Agency | Home | Frames Page

Wise-Old-Blogger.com All Rights Reserved
Contact Webmaster@Wise-Old-Blogger.com.