Go Back   The Scream! > COMPUTER RELATED > Spyware Removal

Reply
 
Thread Tools Display Modes
  #1  
Old 25-January-2005, 20:26
prying eyes
Guest
 
Posts: n/a
Default Tips for keeping your pc free of spywares

TIPS TO KEEP YOUR PC FREE OF SPYWARES

Do you have "Spyware" on your system? Parasites or an Unwanted Search Engine? Don't panic -- this is a learning experience on how some of these so-called friendly companies treat you as a valued customer! You will be totally surprised to know how sneaky and underhanded some of these companies are.

What is Spyware? A technology that assists in gathering information about a person or organization without their knowledge. On the Internet, "spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. "These type applications also in many cases can cause unknown browser problems.

How did this happen?
When your Security settings are "soft" these sites take advantage of this and actually install software on your system without your knowledge or consent. In other cases downloaded software comes bundled with other "components" (spyware\adware) that you don't realize exists until you start having problems or discover your browser has been hijacked.

Recommended Minimal Security Settings
In most cases the "default" settings are not enough to properly protect your machine. In other cases, the new rash of Trojans will actually lower your Security settings for the "Internet Zone", thus bypassing any security you thought you had. To reset your machine to the Default Level:
Close all instances of Internet Explorer and Outlook Express
Open Control Panel | Internet Options | Click on the "Security" tab
Highlight the "Internet" icon, click "Default Level"
To setup the "Internet Zone" with a Custom Level (recommended)
Next: Click on the "Content" tab, Click the "Publishers" button

Highlight and click "Remove" any unknowns, click Ok

Why is this so important? [read this]

Click on the "Advanced" tab
Uncheck: "Install on demand (other)", click Apply\Ok
To test your setup after making the above changes [click here]

How To: Prevent this from happening again?
The first thing you must remember is that adware\spyware tools are basically for removal after the fact. The trick is "Layered Protection for maximum prevention"!

1) Use a HOSTS file and keep it updated!
2) Make use of the Internet Explorer Restricted Zone
3) Install a firewall (see - Security Issues)
4) Install an Antivirus program (see - Security Issues)
5) Add a Startup Monitor (freeware) to protect your system [more info]
6) Improving the security of your computer (Microsoft)
7) Add SpywareBlaster 3.2 to your "Layered Protection"

How To: Safely remove these Parasites from your system

Beware of Imposters - before you use, install or purchase an "Anti-Spyware" product

Read this first : Rogue/Suspect Anti-Spyware Products & Web Sites

Experienced Users: SpyBot 1.3 http://security.kolla.de/
Once installed make sure to update via online before scanning! [download site2]
Fix the items labeled in red, items labeled in blue-green are optional.
Spybot S&D Support Forum: [Net-Intergration] How To: [Tutorial]

One of the newer tricks Coolwebsearch uses is to block the infected user from accessing most major anti-spyware programs and sites. If you are experiencing this problem, then Download: CWS.SmartKiller [site2]

Novice Users:Ad-Aware SE Personal 1.05 http://www.lavasoftusa.com/
Once installed make sure to update via online before scanning! [download site2]
Lavasoft Support Forum Note: Lavasoft also has a HijackThis section at their Forum.

Double-check your system with HijackThis! (after using one of the above programs)
Download: HijackThis 1.99 from: [author] [site1] [site2] [site3]

Note: Since HijackThis does not (yet) come with a install routine, create a folder via Windows Explorer for HijackThis, then move the file to this folder. This way any backups created are saved in a legit folder. You should also make sure you are using the latest version each and every time you run HijackThis, as there are new detections added all the time.
Unzip, double-click "HijackThis.exe" and Press "Scan and save".
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Click: "Save Log" (generates: "hijackthis.log") HijackThis Tutorial (recommended read)

Next, go to: http://www.hijackthis.de/index.php

Now, either copy / paste the Hijackthis Logfile into the white box or upload the saved file from your PC using the browse function. Select the "improved analyzing" option too. Click on "analyze" button. Go through the results. Anything with a "RED EXCLAMATION" mark can be safely fixed. Fix other results as needed. If you are in doubt post the logfile in any forum that deals with spywares and ask for confirmation. You can also save the results for three days in the website for future reference or save the page to your harddisk by rightclicking and "save page as".

Dealing with Coolwebsearch and affiliates
CWShredder 2.12 - Originally developed and updated by a graduate student in the Netherlands, CWShredder™ is now maintained by InterMute.
Download: direct from InterMute or MajorGeeks
Removes most Coolwebsearch and affiliates infections read this first!
Then follow up with either Ad-Aware and\or SpyBot, and then run HijackThis!

·More info on Coolwebsearch and the gang [eTrust PestPatrol Article on CWS]

Note: there are now nearly 10,000 Coolwebsearch affiliates!
They do this as a "Pay-per-Click" scheme, basically getting a few cents for each user that gets hijacked to Coolwebsearch or one of it's major affiliates. Nice guys huh? Most of these affiliates are Adult related, so be careful where you surf and practice Safe ***!

Additional Prevention
Both the HOSTS file and the Restricted Zone entries target most of the major parasites, hijackers and unwanted search engines. If you are also having trouble with unwanted pop-ups - [start here] There are however several severe security risks that still exist in Internet Explorer. Until Microsoft releases a (hot fix) patch, users can protect themselves by taking several other steps. [more info]

Various Registry Fixes

·RepairIE4XP.reg [right-click and select: Save As] - Restores the IE search URLs, HTTP prefixes, and many others.

·RepairDefaultPrefix.reg [right-click and select: Save As] - Repairs the corrupted or altered (spyware) HTTP prefixes
Note: HijackThis can also repair the DefaultPrefix entry [more info]

·RepairTabs.reg [right-click and select: Save As]
1) Restores the missing Tabs in IE (usually spyware related)
2) Unlocks the grayed-out Home Page section
3) Removes the Administrator message in Internet Options

Note: HijackThis can also repair the "Missing Tabs" restriction [more info]·

·UnlockNoBrowserOptions.reg [right-click and select: Save As] - Removes the Administrator message in Internet Options

SpyBot also has this option in the Immunize section [more info]

·EnableRegistryTools.reg [right-click and select: Save As] - Unlocks the "Disable Regedit" entry, or use HijackThis [more info]

·UnlockHomePage.reg [right-click and select: Save As] - Unlocks the grayed-out Home Page section on the General Tab

Tip: Prevent your "HomePage" setting from being Hijacked

To use: download - right-click and select: Edit to view in Notepad.
Right-click and select: Merge - to enter the info into the Registry, and reboot.

Important Note: Always backup the Registry before making any changes. Also be aware these reg files are intended for stand-alone or home users.

Removing Unwanted IE Menu Items

  • Scan your system with Ad-Aware or SpyBot (see above)
  • Run HijackThis! and select the "08\09" items you want removed. [more info]
To manually remove from the Registry [Experienced Users]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
  • Click open "+MenuExt" (left pane) Locate the desired Menu Extension (highlight)
    Make a note of the corresponding (htm) file (right pane)
    Right-click the desired key (Menu Extension) select: Delete

    Note: always Export before editing the Registry.
  • Close Regedit, Open Windows Explorer
  • Locate and delete the "corresponding (htm) file" (if exists)
Repairing your Winsock Connection

If you have suddenly lost your Internet connection after removing spyware (such as NewDotNet, and Commonname) the following steps will help restore your connection.
Note: in a emergency situation you can get ToolbarCop v3.2.1, to fit on a floppy disk, and transfer to the affected machine.

Hope these tips will keep your pc free of all spywares.

Credits go to: http://mvps.org/
Reply With Quote
  #2  
Old 16-March-2005, 16:08
villduck
Guest
 
Posts: n/a
Default Re: Tips for keeping your pc free of spywares

Thankyou for this. Much food for thought. One day I'll feel secure, well thats probably wishful thinking. But.................
Reply With Quote
  #3  
Old 16-March-2005, 17:45
Worldlife's Avatar
Worldlife Worldlife is offline
Safe Sane Consensual
 
Join Date: Apr 2001
Location: West Sussex, UK
Posts: 14,843
Default Re: Tips for keeping your pc free of spywares

Well done Prying Eyes.....

Maybe this should be made a sticky. Hope my current defenses are maintained and I don't need it.

Thanks for your efforts. :cheers:
Reply With Quote
  #4  
Old 24-February-2012, 19:07
Handock Handock is offline
Screamer
 
Join Date: Feb 2012
Posts: 4
Default Re: Tips for keeping your pc free of spywares

fab - thanks for this exactly what i was looking for
Reply With Quote
  #5  
Old 21-March-2012, 11:33
slambus slambus is offline
Registered User
 
Join Date: Mar 2012
Posts: 1
Default Re: Tips for keeping your pc free of spywares

fab - thanks for this exactly what i was looking for
Originally Posted by Handock View Post
Wow reviving a 7 year old thread now thats some skill :P haha
Reply With Quote
  #6  
Old 21-March-2012, 12:35
Markhardy Markhardy is offline
Registered User
 
Join Date: Mar 2012
Posts: 2
Default Re: Tips for keeping your pc free of spywares

Thank you very much for this post. Currently i am using Avast Antivirus, Malwarebytes and Superantispyware. I am satisfied with their performance.
Reply With Quote
Reply

Tags
bundled, computer, connection, deals, free, harddisk, hijacked, hijackers, hijackthis, home, internet, line, lost, make, online, product, security, settings, software, tools, web, windows, zone

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Giointernet to Offer Totally Free Internet for Night Owls Ian News 1 31-May-2003 22:12
Tiscali offers FREE connection PLUS a FREE broadband modem gem Broadband Internet Access 5 14-December-2002 14:32


All times are GMT +1. The time now is 00:28.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Copyright ©1999-2014 The Scream!