The Spyware Removal Process

by on Jan 16, 2008 | 1 comment

Now that you have been introduced to some of the spyware tools that are available, there is a general procedure of attack to rid your system of that pesky software.

First, identify any odd-ball applications listed in Control Panel > Add/Remove programs. You will need to be online to remove certain spyware applications because they require you to go to their website’s uninstall interface. Read carefully! They try to trick users by using odd wording to keep the spyware installed. For example, it could say, “Are you sure you don’t want to uninstall our software? Click yes or no.” In this case, the answer is “No”. Those double negatives can be confusing.

Uninstalling spyware with provided uninstallers saves a lot of hassle later down the road, however, the downside is that some of these uninstallers need an active net connection for the uninstaller to work. Either way, uninstalling everything you can as a first step saves hours of headaches if you do not want to reformat and reinstall the Operating System.

If you simply allow a spyware scanner to try to remove these strains of spyware that appear in “Add/Remove Programs”, you will be left with bits and pieces on the hard drive and in various places in the registry. These left over pieces will have to be removed manually because they are no longer being detected as threats, but may still be reappearing, recreating themselves, and causing problems. So, make sure you uninstall items that are listed here, plus any additional packages that looks suspicious:

[hidepost=1]

  • 180solutions
  • B3D Projector
  • BackWeb
  • BargainBuddy
  • CashBack
  • ClickTheButton
  • CometCursor
  • CommonName
  • DownloadWare
  • eAnthology/eAcceleration
  • Ebates Moe Money Maker
  • GoHip
  • Golden Palace Casino
  • HotBar
  • IEDriver
  • Internet Optimizer
  • IPInsight
  • ISTBar
  • MediaLoads
  • MySearchBar
  • N-Case
  • NetworkEssentials
  • New.net
  • SaveNow
  • SearchAssistant
  • SubSearch
  • TopText
  • WeatherCast
  • Win32 BI Application

Note that manufactured PCs come with many pre-installed applications. Do a quick Google search for the application name to see if it is software associated with the manufacturer, or a piece of possible spyware.

Next, go to Start > Run, type msconfig and hit enter. Once you have the System Configuration Utility open, go to the “Startup” tab and uncheck anything unfamiliar that you don’t want to load when the computer starts up. You do not need to reboot when prompted.

Next, make sure the detection definitions for Adaware, Spybot, and Microsoft AntiSpyware are up-to-date. Each of these tools has their own web update utility built into it. If the spyware infestation is really bad, go ahead and skip this step for now, but make sure you do eventually go back to perform the updates and rescan the computer with all three removal tools. Another option is to just download the updates, then boot in safe mode to perform the spyware scans.

These is no official order in which to use these programs. Personally, I usually start with Adaware since it’s the fastest scanner, and usually removes a good chunk of spyware that may be slowing the machine down. This allows the other two utilities, which are resource intensive, to run a bit more efficiently.

If you have trouble getting rid of something, try booting up Windows in Safe Mode and scanning the computer with the above mentioned removal tools.

After the first set of spyware scans, be sure to clear the browser cache, history, AutoComplete forms, and temp files. Then reboot and run the spyware removal utilities again. There are actually components that are not always detected the first time through, especially if the count is over a dozen separate items.

Next, run the HijackThis utility. Details on its use were mentioned earlier near the end of the “Scanning Tools” section in this section. HijackThis can also help you identify self-regenerating pests so you can find the appropriate removal tool that will remove it.

When all’s said and done, that’s the basic framework of a spyware removal procedure. The procedure can be altered and items swapped around when necessary, but this is one of the most efficient and effective removal procedures to make the most of your time and efforts.

[/hidepost]

Free eBook!

Like what you read?

If so, please join over 28,000 people who receive our exclusive weekly newsletter and computer tips, and get FREE COPIES of 5 eBooks we created, as our gift to you for subscribing. Just enter your name and email below:

Post A Comment Using Facebook

Discuss This Article (Without Facebook)

One comment

  1. Helga Busch / September 25, 2009

    Isn’t the described process of manual spyware removal redundant these days? It may be suitable for geeks who like digging in their PCs for hours. For busy people, any decent antispyware software would do the same job in minutes.

    Reply

Leave a Reply

PCMech Insider Cover Images - Subscribe To Get Your Copies!
Learn More
Every week, hundreds of tech enthusiasts, computer owners
and geeks read The Insider, the digital magazine of PCMech.

What’s Your Preference?

Daily Alerts

Each day we send out a quick email to thousands of PCMECH readers to notify them of new posts. This email is just a short, plain email with titles and links to our latest posts. You can unsubscribe from this service at any time.

You can subscribe to it by leaving your email address in the following field and confirming your subscription when you get an email asking you to do so.

Enter your email address for
Daily Updates:

Weekly Newsletter

Running for over 6 years, the PCMECH weekly newsletter helps you keep tabs on the world of tech. Each issue includes news bits, an article, an exclusive rant as well as a download of the week. This newsletter is subscribed to by over 28,000 readers (many who also subscribe to the other option) - come join the community!

To subscribe to this weekly newsletter simply add your email address to the following field and then follow the confirmation prompts. You will be able to unsubscribe at any time.

Enter your email address for
Free Weekly Newsletter: