This site has been helping computer users for over four years. We have been at the forefront of assisting in the distribution and support of applications such as Ad-Aware, Spybot Search and Destroy, HijackThis and CoolWebShredder.
The infections plaguing users will continue to outpace the development and distribution of the applications required for disinfection and removal, for the foreseeable future.
It seems appropriate to develop a strategy that is both proactive and reactive. My advice is to adopt a routine of Configuration, Prevention, and Cleaning to help foil the tribulations of online computing.
A proper configuration will simplify the normal maintenance that is a key element in keeping infections under control, and ensure that a smooth running machine will continue to purr along.
Some time should be invested in adjusting Explorer, the file manager, to help with these routine tasks.
i) The 'View' of the more important folders should be set to 'Details'.
These folders should include, but are not limited to: Windows, System32, Temp, and TemporaryInternetFiles.
ii) On the 'View' tab of 'Folder Options', 'Show hidden files and folders' should be selected.
Just below that line on the 'Folder Options' 'View' tab, 'Hide extensions for known file types' should be unchecked.
iii) Attention should be paid to your file system and organization.
To get you started, please create three folders.
One for 'Security' applications, one for your 'Utilities' programs, and one for 'Downloads'.
The directories or folders, called Security and Utilities, should be in the root of the same drive that you normally install programs to. In many cases, that will be 'C:' . If you have separate partitions or drives, then I recommend that the download folder be on the Temp or Junk drive. Otherwise, just slam it into the root of 'C:' alongside everything else.
The next task involves using 'Internet Options' to your advantage. It is the last entry on the 'Tools' menu, in Internet Explorer. After clicking 'Internet Options', you'll want to become familiar with most of the tabs on that applet.
Temporary Internet Files, Cookies, and Histories can all be cleared from the General tab.
On the Advanced tab, make sure that both 'Install on Demands' are unchecked.
In addition the Security tab can be used to block and restrict problem web sites, and the Privacy tab can be used to refine how cookies are handled by your machine.
With a basic, suitable configuration in place we can go about the matter of prevention.
As always, what you get, has a lot to do with where you go. Part of the appropriate offense is developing a sense of where to visit and who to trust on the Internet. This is the first best step, for prevention.
Prevention also 'suggests' a few good softwares. In my view, that includes a reputable Anti-Virus, a quality Firewall, a small utility to block unwanted scripting such as 'Script Sentry', and an application like 'SpywareBlaster' that can help keep certain known unwanteds from grabbing hold.
I also believe a first rate Anti-Trojan should be considered.
While some of these applications can be had for free, please understand that quality of execution is a worthwhile investment.
Utilizing our previously configured folders, I would install the Anti-Virus, Firewall, and a blocker like SpywareBlaster into the 'Security' folder we have created. ScriptSentry I like in the Utilities folder.
Please understand, the main point is to obtain these programs, to know where they are, and that they are accessible, so that you can find them when things get weird, and so that it's more likely you will keep them updated.
Now armed with a sense of a reasonable setup for both Explorer and Internet Explorer, the clean up and maintence should become routine.
You will need some software for this part of the plan as well. These are actually cleaners or detectors and not preventors. To make the point, they are listed here, rather than back in the previous section on prevention.
In other words, these applications are for after the mistake has been made, and not run out of routine curiosity.
Any one of the following scanners can help with corralling a Virtually Transmitted Infection, or VTI:
i) WebRoot's SpySweeper
ii) Window's Defender
iii-a) Spybot Search and Destroy, which can be downloaded from our 'NiceFiles' page.
iii-b) Lavasoft's AdAware
I would suggest that the one you choose be installed in the Security folder alongside your Firewall and Anti-Virus. Please remember to update any scanner application before it's use.
At this point, it's time to disconnect from the Internet and begin cleaning in earnest.
The next priority will be to ensure that all Temp and Temporary Internet Files directories are emptied. A multiple user operating system like XP, demands that it be done for each user. The Temp directories would normally be hidden, but we have already set Explorer to show them, so they can now be found at:
C:\Documents and Settings\{Each User Name}\Local Settings
As you can see, the Temporary Internet Files can also be dealt with from here, or they can be deleted from the General tab of Internet Options as discussed earlier.
If you already know you have an infection, and your operating system is XP or ME turn off System Restore.
Make one last check of the Recycle Bin and empty it if there are any files accumulated there.
It's good to get in the habit of checking the Programs listed on the Add/Remove applet. You can get to it from Control Panel.
Some programs that folks would prefer did not get loaded on their machine, do have uninstalls listed on the Add/Remove list. New.Net and Viewpoint, come to mind. If an application has a built in uninstaller, it is best to run the uninstall from Add/Remove, before relying on a spyware removal application.
Now Defrag the HardDrive. If you're running 98, you'll need to kill all other applications, from the End Task dialog ( 'Ctrl' + 'Alt' + 'Del') and turn off your screensaver back at Display Properties, then finally get on with your Defrag.
This would be a nice time to run a full system AntiVirus scan.
The spyware cleaner you downloaded and updated is now run and allowed to fix the problems that it finds.
Defrag, one more time with feeling.
Connect 'er up and see how it goes. If you have reason to believe there is still an infection in place, now is when Hijack This is downloaded and placed in it's own folder inside of your 'Utilities' folder.
A Hijack This scan can be performed and then the logging reviewed by someone with experience in these matters.
Later.