Re: What to do with spyware *loaded* PC?

From: Lars M. Hansen (badnews_at_hansenonline.net)
Date: 01/31/05 

Date: Mon, 31 Jan 2005 06:59:25 -0500

On 30 Jan 2005 15:36:52 -0800, walterbyrd@iname.com spoketh

>Suppose a good friend or family member brings you a PC loaded with
>spyware, and asking for your help.
>
>What is the best way to clean up the PC, and keep it clean?
>
>Usually I completely rebuild the system: backup, format, re-install.
>Then I install updates, AV software, spybot, ad-aware, and cwshreader,
>and show them how to use the anti-malware software. I also try to get
>them to switch to firefox, with mixed success. It's time consuming, but
>it's fairly sure.
>
>I've tried just running the anti-spyware software, and manually
>cleaning out the registry. I've tried spybot, ad-adware, cwshreader,
>spyweeper, and symantec. It seems like I can never quite get it all.
>And if the tiniest bit of spyware stuff is left, I might as well have
>not done anything. Also, this method is not exactly quick, symatec
>especially runs forever. Also, it's very easy to accidently remove a
>valid file and totally screw up your system.
>
>Although rebuilding works, there are some serious problems. The time
>I've already mentioned. Also, often people do not have all their
>software applications, or drivers. I have also know people to put their
>valuable data in remarkable odd places - there is nothing I have like
>accidently deleting important data.
>
>Any advice?

There are two options: Clean it or wipe it.

And it seems that you've pointed out the pitfalls of both.

What makes you think that the "tiniest bit of spyware" is left on the
computer after you cleaned it?

To keep it clean, you'll either need to teach them to practice safe hex,
or you'll need to take away the major avenues used for malware
installation. Install alternative web browsers and e-mail clients if you
don't think that they can use IE or OE safely.

Install Spybot S&D and immunize the system. Install Microsoft's
Anti-Spyware Beta and leave that resident.

Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

Relevant Pages

  • Re: How to reinstall ...
    ... I have Adaware, Spybot, MS ... > Start by downloading each of the following additional free tools - and download ... > AdAware, CWShredder, and Spybot S&D have install routines - run them. ... > Spyware Warrior: ...
    (microsoft.public.windowsxp.network_web)
  • Re: PLEASE HELP!!!!! Cannot get address line to accept addresses
    ... CoolWebSearch (if not, then see AdAware, SpyBot, and HijackThis, ... tabs and remove any restrictions that the parasite has put in place. ... Be sure that you also download and install hotfix Q816093, ... Spyware and Hijackware Removal Support, ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Home Page
    ... >> CoolWebSearch (if not, then see AdAware, SpyBot, and HijackThis, below). ... >> tabs and remove any restrictions that the parasite has put in place. ... >> programs report as spyware. ... >> install malware) Keep it UPDATED. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: trojansssssss
    ... Spybot S&D has an install routine - run ... First update it ("Search for updates"), ... Spyware Warrior: ... Don't install software based upon advice ...
    (microsoft.public.windowsxp.perform_maintain)
  • Re: Can my Computer be used through DSL when Im not using it
    ... Spyware and viruses are common on the internet, ... AdAware, CWShredder, and Spybot S&D have install routines - run them. ... Block possibly dangerous websites with a Hosts file. ...
    (microsoft.public.windowsxp.network_web)