will reformatting remove all spyware?

[Guest]

if so i will do it as i have sooo much spyware and my com seems to be getting
very slow

 

[David H. Lipman]

Do you use a sledge hammer to kill a housefly ?

--
Dave




"will reformatting remove all spyware?" <will reformatting remove all
[email protected]> wrote in message
| if so i will do it as i have sooo much spyware and my com seems to be getting
| very slow

 

[Guest]

Yes it will -- along with every other file on your hard drive. That's the
bad news. The good news is that when you reinstall XP, update XP it
(including SP2), and then reinstall your other software and data, your OS
will run like new and all the crudware, at least initially, will be gone.
The bad news is that unless you then correct what caused it to get downloaded
on your machine in the first place, eventually you will be back in the
situation that you are now.

Incidentally, before you decide on major surgery, try downloading and
running the MS antispyware beta (which is free for now) and see if it can
solve most of your problems. Here is a link that may work:

http://www.microsoft.com/downloads/...A2-6A57-4C57-A8BD-DBF62EDA9671&displaylang=en

 

[Mike Hall \(MS-MVP\)]

It is better to learn how to fight spyware now, otherwise you will find
yourself reformatting in the not so distant future.. read on



Spyware/Adware/Scumware has become a major player in compromising
computers.. they introduce viruses, trojans and worms.. they attempt to send
out information about you, and they also slow your computer down..



Some basic steps to removing Spyware/Adware..



First step is to run a one shot virus remover.. I have found that McAfee
Stinger works for people.. download and run it..



http://vil.nai.com/vil/stinger/



You will also need to download Spyware removal software.. Spybot and Adaware
are available at these websites.. both are free.. download and run them..
don't forget to check for updates after you have started them..



http://www.safer-networking.org/en/index.html



http://www.lavasoftusa.com/software/adaware/



Spybot has the ability to immunize a system, but there is better for this
function, so download and run Spyware Blaster too.. again, check for
updates..



http://www.javacoolsoftware.com/



At this point, I will mention the new MS Anti Spyware program.. some have
reported good results and for others, it has caused problems.. I would not
suggest loading it until all other problems have been cleared up.. You have
enough to deal with presently..



If you have had your Internet browser hijacked, that is to say, you get
redirected through a search engine NOT of your choosing, you will need
different tools..



HijackThis is a popular and effective tool.. download it from here..



http://www.spychecker.com/download/download_hijackthis.html



CWShredder will eliminate CoolWebSearch and variants.. there is a free
download here..



CWShredder.. http://www.intermute.com/spysubtract/cwshredder_download.html



For other tools in the fight against spyware, visit this website and
bookmark it..



http://www.pchell.com



You must also run a firewall and anti-virus program.. here are some links
for you..



http://www.mcafee.com .. http://www.symantec.com .. http://www.zonealarm.com
... http://www.kerio.com .. http://www.gate.com .. http://www.avast.com ..
http://www.grisoft.com..





Please return to this thread and provide feedback.. it is the only way that
helpers here can determine how effective the advice given has been..



Good luck..


--
Mike Hall
MVP - Windows Shell/user







"will reformatting remove all spyware?" <will reformatting remove all
[email protected]> wrote in message

 

[Guest]

It's easy to clear away a cobweb by brushing them away.

Problem is they come back tomorrow...why? Becasue the bloody spider makes
them!

So rather than spend 8 - 12 hours reformatting the hard drive, installing
Windows, applying updates and patches, then installing all those application
and then recovering your personal data from a CD or tape..and then going to
sleep and waking up to personalise your PC and get it back to where you were
before....catch my breath.

Downblaod and install Spybot Search and Destroy. Boot up to safe mode and
then run it to clear out the cobwebs and kill the spiders! It has the
benefit of laying down some traps to catch and prevent new ones coming back!

Get the message?

If not waste your time!

 

[Shenan Stanley]

if so i will do it as i have sooo much spyware and my com seems to be
getting very slow

As the name implirs - reformatting gets rid of everything..
EVERYTHING.

Why not just clean your PC instead of formating?

Let's take the cleanup of your computer step-by-step. Yes, it will take
up some of your time - but consider what you use your computer
for and how much you would dislike it if all of your stuff on your
computer went away because you did not "feel like" performing some
simple maintenance tasks - think of it like changing the oil in your car,
changing the air filter on your home A/C unit, paying your bills on time,
etc.

Let's go through some maintenance first that should only have to be done
once (mostly):

Tip (1):
Locate all of the software (the installation media - CDs, etc) that you
have installed on your computer. Collect these CDs into a single pile
and locate the original installation media (CDs, disks) in a central and
safe place along with their CD keys and such. Make backups of these
installation media sets using your favorite copying method (CD Burner and
application, Disk copier, etc.) You'll be glad to know that if you have
a CD burner, you may be able to use a free application to make a
duplicate copy of your CDs. One such application is ISORecorder:

ISORecorder home page (with general instructions on use):
http://isorecorder.alexfeinman.com/isorecorder.htm

Pre-SP2 version:
http://isorecorder.alexfeinman.com/IsoRecorder/download.asp

Post-SP2 beta version:
http://isorecorder.alexfeinman.com/download/ISORecorderV2B2.zip


Tip (2):
Empty your Internet Explorer Temporary Internet Files and make sure the
maximum size for this is small enough not to cause trouble in the future.
Empty your Temporary Internet Files and shrink the size it stores to a
size between 10MB and 360MB..

- Open ONE copy of Internet Explorer.
- Select TOOLS -> Internet Options.
- Under the General tab in the "Temporary Internet Files" section, do the
following:
- Click on "Delete Cookies" (click OK)
- Click on "Settings" and change the "Amount of disk space to use:" to
something between 10MB and 360MB. (Betting it is MUCH larger right
now.)
- Click OK.
- Click on "Delete Files" and select to "Delete all offline contents"
(the checkbox) and click OK. (If you had a LOT, this could take 2-10
minutes or more.)
- Once it is done, click OK, close Internet Explorer, re-open Internet
Explorer.


Tip (3):
If things are running a bit slow or you have an older system
(1.5GHz or less and 256MB RAM or less) then you may want to look into
tweaking the performance a bit by turning off some of the memory
using Windows XP "prettifications". The fastest method is:

Control Panel --> System --> Advanced tab --> Performance section,
Settings button. Then choose "adjust for best performance" and you
now have a Windows 2000/98 look which turned off many of the annoying
"prettifications" in one swift action. You can play with the last
three checkboxes to get more of an XP look without many of the
other annoyances. You could also grab and install/mess with one
(or more) of the Microsoft Powertoys - TweakUI in particular:

http://www.microsoft.com/windowsxp/downloads/powertoys/xppowertoys.mspx


Tip (4):
Understanding what a good password might be is vital to your
personal and system security. You may not need to password your home
computer, as you may have it in a locked area (your home) where no
one else has access to it. Remember, however, that locked area is
unlocked when you access the Internet unless you are taking proper
precautions. Also, you aren't always "in that locked area" when using
your computer online - meaning you likely have usernames and passwords
associated with web sites and the likes that you would prefer other
people do not discover/use. This is why you should understand and
utilize good passwords.

Good passwords are those that meet these general rules
(mileage may vary):

Passwords should contain at least six characters, and the character
string should contain at least three of these four character types:
- uppercase letters
- lowercase letters
- numerals
- nonalphanumeric characters (e.g., *, %, &, !)

Passwords should not contain your name/logon name. Passwords should
be unique to you and easy to remember. One method many people are
using today is to make up a phrase that describes a point in their
life and then turning that phrase into their password by using only
certain letters out of each word in that phrase. It's much better
than using your birthday month/year or your anniversary in a pure
sense. For example, let's say my phrase is:
"Discharged from Marines in 1964"
I could come up with this password from that:
"DifrMain64"

The password tip is in the "one time" section, but I highly
recommend you periodically change your passwords. The suggested time
varies, but I will throw out a "once in every 3 to 6 months for
every account you have."


Tip (5):
This tip is also "questionable" in the "one time" section. However,
if properly setup, this one can be pretty well ignored for most people
after the initial "fiddle-with" time.

Why you should use a computer firewall..
http://www.microsoft.com/athome/security/viruses/fwbenefits.mspx

You should, in some way, use a firewall. Hardware (like a nice
Cable Modem/DSL router) or software is up to you. Many use both of
these. The simplest one to use is the hardware one, as most people
don't do anything they need to configure their NAT device for and
those who do certainly will not mind fiddling with the equipment to
make things work for them. Next in the line of "simplicity" would
have to be the built-in Windows Firewall of Windows XP. In SP2 it
is turned on by default. It is not difficult to turn on in any
case, however:

Enable/Disable the Internet Connection Firewall (Pre-SP2):
http://support.microsoft.com/kb/283673

More information on the Internet Connection Firewall (Pre-SP2):
http://support.microsoft.com/?kbid=320855

Post-SP2 Windows Firewall Information/guidance:
http://snipurl.com/atal

The trouble with the Windows Firewall is that it only keeps things
out. Truthfully, for most people who maintain their system in other
ways, this is MORE than sufficient. However, you may feel otherwise.
If you want to know when one of your applications is trying to obtain
access to the outside world so you can stop it, then you will have to
install a third-party application and configure/maintain it. I have
compiles a list with links of some of the better known/free firewalls
you can choose from:

ZoneAlarm (Free and up)
http://snipurl.com/6ohg

Kerio Personal Firewall (KPF) (Free and up)
http://www.kerio.com/kpf_download.html

Outpost Firewall from Agnitum (Free and up)
http://www.agnitum.com/download/

Sygate Personal Firewall (Free and up)
http://smb.sygate.com/buy/download_buy.htm

Symantec's Norton Personal Firewall (~$25 and up)
http://www.symantec.com/sabu/nis/npf/

BlackICE PC Protection ($39.95 and up)
http://blackice.iss.net/

Tiny Personal Firewall (~$49.00 and up)
http://www.tinysoftware.com/

Perhaps you can find the right firewall for your situation in that
list and set it up/configure it. Every firewall MAY require some
maintenance. Essentially checking for patches or upgrades (this
goes for hardware and software solutions) is the extent of this
maintenance - but you may also have to configure your firewall to
allow some traffic depending on your needs. Also, don't stack these
things. Running more than one firewall will not make you safer
- it would likely (in fact) negate some protection you gleamed
from one or the other firewalls you run.


Now that you have some of the more basic (one-time) things down..
Let's go through some of the steps you should take periodically to
maintain a healthy and stable windows computer. If you have not
done some of these things in the past, they may seem tedious at
first - however, they will become routine and some can even be
automatically scheduled.


Tip (6):
The system restore feature is a new one - first appearing in Windows
ME and then sticking around for Windows XP. It is a VERY useful
feature - if you keep it maintained and use it to your advantage.
However, remember that the system restore pretty much tells you in
the name what it protects - "system" files. Your documents, your
pictures, your stuff is NOT system files - so you should also look
into some backup solution.

I'll mainly work around Windows XP, as that is what the bulk of this
document is about. I will, however, point out a single place for you
poor souls still stuck in Windows ME where you can get information on
maintaining your system right now:

Windows ME Computer Health:
http://www.microsoft.com/windowsME/using/computerhealth/articles/

Pay close attention to the sections:
(in order)
- Clean up your hard disk
- Check for errors by running ScanDisk
- Defragment your hard disk
- Roll back the clock with System Restore

Now back to the point at hand - maintaining your system restore in
Windows XP SHOULD be automatic - but I have seen the automatic go wrong
too many times not to suggest the following.. Whenever you think about
it (after doing a once-over on your machine once a month or so would
be optimal) - clear out your System Restore and create a manual
restoration point. Why? Too many times have I seen the system restore
files go currupt or get a virus in them, meaning you could not or
did not want to restore from them. By clearing it out periodically
you help prevent any corruption from happening and you make sure you
have at least one good "snapshot".
(This, of course, will erase any previous restore point you have.)

- Turn off System Restore.
http://support.microsoft.com/?kbid=310405
- Reboot.
- Turn on System Restore.
http://support.microsoft.com/?kbid=310405
- Make a Manual Restoration Point.
http://snipurl.com/68nx

That covers your system files, but doesn't do anything for the files
that you are REALLY worried about - yours! For that you need to look
into backups. You can either manually copy your important files, folders,
documents, spreadsheets, emails, contacts, pictures, drawings and so on
to an external location (CD/DV - any disk of some sort, etc) or you can
use the backup tool that comes with Windows XP:

How To Use Backup to Back Up Files and Folders on Your Computer
http://support.microsoft.com/kb/308422

Yes - you still need some sort of external media to store the results
on, but you could schedule the backup to occur when you are not around,
then burn the resultant data onto CD or DVD or something when you are
(while you do other things!)


Tip (7):
You should sometimes look through the list of applications that are
installed on your computer. The list MIGHT surprise you. There are more
than likely things in there you KNOW you never use - so why have them
there? There may even be things you KNOW you did not install and
certainly do not use (maybe don't WANT to use.)

This web site should help you get started at looking through this list:

How to Uninstall Programs
http://snipurl.com/8v6b

A word of warning - Do NOT uninstall anything you think you MIGHT need
in the future unless you have completed Tip (1) and have the installation
media and proper keys for use backed up somewhere safe!


Tip (8):
Patches and Updates!

This one cannot be stressed enough. It is SO simple, yet so neglected
by many people. It is especially simple for the critical Windows patches!
Microsoft put in an AUTOMATED feature for you to utilize so that you do
NOT have to worry yourself about the patching of the Operating System:

How to configure and use Automatic Updates in Windows XP
http://support.microsoft.com/kb/306525

However, not everyone wants to be a slave to "automation", and that is
fine - as long as you are willing to do things manually. Admittedly, I
prefer this method on some of my more critical systems.

Windows Update
http://windowsupdate.microsoft.com/

Go there and scan your machine for updates. Always get the critical ones
as you see them. Write down the KB###### or Q###### you see when
selecting the updates and if you have trouble over the next few days,
go into your control panel (Add/Remove Programs), match up the latest
numbers you downloaded recently (since you started noticing an issue) and
uninstall them. If there was more than one (usually is), uninstall them
one by one - with a few hours of use in between, to see if the problem
returns. Yes - the process is not perfect (updating) and can cause trouble
like I mentioned - but as you can see, the solution isn't that bad - and is
MUCH better than the alternatives.

Windows is not the only product you likely have on your PC. The
manufacturers of the other products usually have updates as well. New
versions of almost everything come out all the time - some are free, some
are pay - some you can only download if you are registered - but it is best
to check. Just go to their web pages and look under their support and
download sections. For example, for Microsoft Office update, you should
visit:

Microsoft Office Updates
http://office.microsoft.com/
(and select "downloads")

You also have hardware on your machine that requires drivers to interface
with the operating system. You have a video card that allows you to see on
your screen, a sound card that allows you to hear your PCs sound output and
so on. Visit those manufacturer web sites for the latest downloadable
drivers for your hardware/operating system. Always (IMO) get the
manufacturers hardware driver over any Microsoft offers. On the Windows
Update site I mentioned earlier, I suggest NOT getting their hardware
drivers - no matter how tempting. First - how do you know what hardware
you have in your computer? Invoice or if it is up and working now - take
inventory:

Belarc Advisor
http://belarc.com/free_download.html

EVEREST Home Edition
http://www.lavalys.com/products/download.php?pid=1&lang=en

Once you know what you have, what next? Go get the latest driver for your
hardware/OS from the manufacturer's web page. For example, let's say you
have an NVidia chipset video card or ATI video card, perhaps a Creative
Labs sound card or C-Media chipset sound card...

NVidia Video Card Drivers
http://www.nvidia.com/content/drivers/drivers.asp

ATI Video Card Drivers
http://www.atitech.com/support/driver.html

Creative Labs Sound Device
http://us.creative.com/support/downloads/

C-Media Sound Device
http://www.cmedia.com.tw/e_download_01.htm

Then install these drivers. Updated drivers are usually more stable and
may provide extra benefits/features that you really wished you had before.

As for Service Pack 2 (SP2) for Windows XP, Microsoft has made this
particular patch available in a number of ways. First, there is the
Windows Update web page above. Then there is a direct download site
and finally, you can order the FREE CD from Microsoft.

Direct Download of Service Pack 2 (SP2) for Windows XP
http://snipurl.com/8bqy

Order the Free Windows XP SP2 CD
http://snipurl.com/8umo


Tip (9):
What about the dreaded word in the computer world, VIRUS?

Well, there are many products to choose from that will help you prevent
infections from these horrid little applications. Many are FREE to the
home user. Which one you choose is a matter of taste, really. I wouldn't
list one here I had not personally used - and they all work. Many people
have emotional attachments or performance issues with one or another
AntiVirus software. Try some out, read reviews and decide for yourself
which you like more:

Symantec (Norton) AntiVirus (~$11 and up)
http://www.symantec.com/nav/nav_9xnt/

Kaspersky Anti-Virus (~$49.95 and up)
http://www.kaspersky.com/products.html

Panda Antivirus Titanium (~$39.95 and up)
http://www.pandasoftware.com/
(Free Online Scanner: http://www.pandasoftware.com/activescan/)

AVG Anti-Virus System (Free and up)
http://www.grisoft.com/

McAfee VirusScan (~$11 and up)
http://www.mcafee.com/

AntiVir (Free and up)
http://www.free-av.com/

avast! (Free and up)
http://www.avast.com/

Trend Micro (~$49.95 and up)
http://www.trendmicro.com/en/home/us/personal.htm
(Free Online Scanner:
http://housecall.trendmicro.com/housecall/start_corp.asp)

RAV AntiVirus Online Virus Scan (Free!)
http://www.ravantivirus.com/scan/

Untested (by me):
eTrust EZ Antivirus ($29.95 and up)
https://www2.my-etrust.com/commerce/buy.it.cfm

Most of them have automatic update capabilities. You will have to
look into the features of the one you choose. Whatever one you finally
settle with - be SURE to keep it updated (I recommend at least daily) and
perform a full scan periodically (yes, it protects you actively, but a
full scan once a month at 4AM probably won't bother you.)


Tip (10):
The most rampant infestation at the current time concerns SPYWARE/ADWARE.
I hate this stuff. It has no purpose. I have seen people try to justify
it over and over - it's worthless. It slows down your PC, it can send
your private information to people you'll never meet and did I mention,
it's worthless. You need to eliminate it from your machine.

If you use P2P software, this COULD make that stop working. Find some
decent software to do the same thing - what you are currently using is
crap.

Anyway - there is no one software that cleans and immunizes you against
everything. Antivirus software - you only needed one. Firewall, you
only needed one. AntiSpyware - you may need several. I have a list and
I recommend you use at least the first 5. I know that sounds like a lot,
and you may be saying "But you said earlier that I should clean my system,
now you are telling me to install more software - 5 pieces in fact!" Okay,
I get your point, but please consider that this stuff has prevented the
install of the latest service pack for some people, it has the potential
to slow and crater your PC, it can send your private information around
the world to people you do not know - it is all around BAD.

First - make sure you have NOT installed "Rogue AntiSpyware". There are
people out there who created AntiSpyware products that actually install
spyware of their own! You need to avoid these:

Rogue/Suspect Anti-Spyware Products & Web Sites
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Also, you can always visit this site..
http://mvps.org/winhelp2002/unwanted.htm
For more updated information.

Then, my suggestion again is that you at least install the first five of
these: (Install, Run, Update, Scan with..)

Lavasoft AdAware (Free and up)
http://www.lavasoft.de/support/download/
(How-to: http://snipurl.com/atdn )

Spybot Search and Destroy (Free!)
http://www.safer-networking.net/en/download/index.html
(How-to: http://snipurl.com/atdk )

Bazooka Adware and Spyware Scanner (Free!)
http://www.kephyr.com/spywarescanner/
(How-to: http://snipurl.com/ate3 )

SpywareBlaster (Free!)
http://www.javacoolsoftware.com/sbdownload.html
(How-to: http://snipurl.com/ate6 )

IE-SPYAD (Free!)
https://netfiles.uiuc.edu/ehowes/www/resource.htm
(How-to: http://snipurl.com/ate7 )

CWShredder (Free!)
http://www.softbasket.com/download/s_8114.shtml

Hijack This! (Free)
http://mjc1.com/mirror/hjt/
( Tutorial: http://hjt.wizardsofwebsites.com/ )

ToolbarCop (Free!)
http://windowsxp.mvps.org/toolbarcop.htm

Browser Security Tests
http://www.jasons-toolbox.com/BrowserSecurity/

Popup Tester
http://www.popuptest.com/

The Cleaner (49.95 and up)
http://www.moosoft.com/

If used properly, you should have a malware free system now. The last
two of the first five I suggest you install are immunization applications.
None of these programs (in these editions) run in the background unless you
TELL them to. The space they take up and how easy they are to use greatly
makes up for any inconvenience you may be feeling.

Unfortunately, although that will lessen your popups on the Internet/while
you are online, it won't eliminate them. I have looked at a lot of options,
seen a lot of them used in production with people who seem to attract popups
like a plague, and I only have a few other suggestions that should help.
This
one ends up serving double duty (search engine and popup stopper in one):

The Google Toolbar (Free!)
http://toolbar.google.com/

Yeah - it adds a bar to your Internet Explorer - but its a useful one. You
can search from there anytime with one of the best search engines on the
planet (IMO.) And the fact it stops most popups - wow - BONUS! If you
don't like that suggestion, then I am just going to say you go to
www.google.com and search for other options.

Please notice that Windows XP SP2 does help stop popups as well.

Another option is to use an alternative Web browser. I suggest
"Mozilla Firefox", as it has some great features and is very easy to use:

Mozilla Firefox
http://www.mozilla.org/products/firefox/

One more suggestion is to disable your Windows Messenger service. This
service is not used frequently (if at all) by the normal home user and
in cooperation with a good firewall, is generally unnecessary. Microsoft
has instructions on how to do this for Windows XP here:

http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp


So your machine is pretty clean and up to date now. If you use the sections
above as a guide, it should stay that way as well! There are still a few
more
little things you can do to keep your machine running in top shape.


Tip (11):
You should periodically check your hard drive(s) for errors and defragment
them. Only defragment after you have cleaned up your machine of
outside parasites and never defragment as a solution to a quirkiness in
your system. It may help speed up your system, but it should be clean
before you do this.

How to use Disk Cleanup
http://support.microsoft.com/?kbid=310312

How to scan your disks for errors
http://support.microsoft.com/?kbid=315265

How to Defragment your hard drives
http://support.microsoft.com/?kbid=314848

I would personally perform the above steps at least once every three months.
For most people this should be sufficient, but if the difference you notice
afterwards is greater than you think it should be, lessen the time in
between
its schedule.. If the difference you notice is negligible, you can increase
the time.


Tip (12):
SPAM! JUNK MAIL!
This one can get annoying, just like the rest. You get 50 emails in one
sitting and 2 of them you wanted. NICE! (Not.) What can you do? Well,
although there are services out there to help you, some email
servers/services that actually do lower your spam with features built into
their servers - I still like the methods that let you be the end-decision
maker on what is spam and what is not. I have two products to suggest to
you, look at them and see if either of them suite your needs. Again, if
they don't, Google is free and available for your perusal.

SpamBayes (Free!)
http://spambayes.sourceforge.net/

Spamihilator (Free!)
http://www.spamihilator.com/

As I said, those are not your only options, but are reliable ones I have
seen function for hundreds+ people.


Tip (13):
ADVANCED TIP! Only do this once you are comfortable under the hood of your
computer!

There are lots of services on your PC that are probably turned on by default
you don't use. Why have them on? Check out these web pages to see what all
of the services you might find on your computer are and set them according
to
your personal needs. Be CAREFUL what you set to manual, and take heed and
write down as you change things! Also, don't expect a large performance
increase or anything - especially on today's 2+ GHz machines, however - I
look
at each service you set to manual as one less service you have to worry
about
someone exploiting. A year ago, I would have thought the Windows Messenger
service to be pretty safe, now I recommend (with addition of a firewall)
that most home users disable it! Yeah - this is another one you have to
work for, but your computer may speed up and/or be more secure because you
took the time. And if you document what you do as you do it, next time, it
goes MUCH faster! (or if you have to go back and re-enable things..)

Task List Programs
http://www.answersthatwork.com/Tasklist_pages/tasklist.htm

Black Viper's Service List and Opinions (XP)
http://www.blackviper.com/WinXP/servicecfg.htm

Processes in Windows NT/2000/XP
http://www.reger24.de/prozesse/

There are also applications that AREN'T services that startup when you start
up the computer/logon. One of the better description on how to handle these
I have found here:

Startups
http://www.pacs-portal.co.uk/startup_content.php


If you follow the advice laid out above (and do some of your own research as
well, so you understand what you are doing) - your computer will stay fairly
stable and secure and you will have a more trouble-free system.

 

[Bruce Chambers]

if so i will do it as i have sooo much spyware and my com seems to be getting
very slow

To deal with issues caused by any sort of "adware" and/or
"spyware,"such as Gator, Comet Cursors, Smiley Central, Xupiter,
Bonzai Buddy, or KaZaA, and their remnants, that you've deliberately
(but without understanding the consequences) installed, two products
that are quite effective (at finding and removing this type of
scumware) are Ad-Aware from www.lavasoft.de and SpyBot Search &
Destroy from www.safer-networking.org/. Both have free versions.
It's even possible to use SpyBot Search & Destroy to "immunize" your
system against most future intrusions. I use both and generally
perform manual scans every week or so to clean out cookies, etc.

Additionally, manual removal instructions for the most common
varieties of scumware are available here:

PC Hell Spyware and Adware Removal Help
http://www.pchell.com/support/spyware.shtml

Formatting the hard drive to solve a virus or spyware problem is
rather like using an axe to trim one's fingernails. Sure, it'll
probably get the job done, but it's rather messy...., and almost always
unnecessary.


However, if that's what you still want to do:

Simply boot from the WinXP installation CD. You'll be offered the
opportunity to delete, create, and format partitions as part of the
installation process. (You may need to re-arrange the order of boot
devices in the PC's BIOS to boot from the CD.)

HOW TO Install Windows XP
http://support.microsoft.com/default.aspx?scid=KB;en-us;316941

http://www.michaelstevenstech.com/cleanxpinstall.html

http://www.webtree.ca/windowsxp/clean_install.htm


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Bruce Chambers]

Do you use a sledge hammer to kill a housefly ?

I do. It's a great upper body workout, if a bit hard on the walls and
windows. ;-}


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[cquirke (MVP Win9x)]

if so i will do it as i have sooo much spyware and my com
seems to be getting very slow

[/QUOTE]

Yes - but if you don't learn anything and your "com" stays unpatched
and poorly risk-managed, it will be back in no time.

http://cquirke.mvps.org/reinst.htm refers.

To deal with issues caused by any sort of "adware" and/or
"spyware,"such as Gator, Comet Cursors, Smiley Central, Xupiter,
Bonzai Buddy, or KaZaA, and their remnants, that you've deliberately
(but without understanding the consequences) installed,

I must break in at this point. It's absurd (in 2005) to suggest the
user "deliberately" installed this junk, even though that is supposed
to be the defence of commercial malware vendors.

Initially, there was a sharp difference between traditional malware
(viruses, worms, trojans) and commercial malware. The authors of
commercial malware had to be visible in order to collect the money, so
they were careful to maintain plausible deniability - i.e. claim that
victims "consented" to the installation, etc.

But as time went by, and no-one challenged them legally, they got
bolder. Commercial malware now routinely exploits software code
defects (as well as stupid software design) to install themselves,
often counter-attack clean-up tools, re-instate themselves on the fly
when killed, and persist in Safe Mode.

Commercial malware vendors also write EULAs that forbid users from
using tools to remove their trash, and that reserve the right of the
commercial malware vendor to re-infect the PC at will. They've also
brought legal pressure to bear on clean tools so that the authors of
these tools drop detection for their "legitimate" products.

With that sort of sympathetic legal climate, it's no wonder things are
getting worse. The way these vendors make money is dubious at best
(covering ads and entire web pages with thier own content to steal ad
click revenue, using other techniques to steal revenue from other ad
vendors, adding fake hyperlinks to competitors' sites etc.) and yet
they are well-supported by big venture capital.

IE is *designed* to allow web devs to drop code into IE, and run as
part of IE (BHOs). It is *designed* to let web devs create any UI
they like, including covering up parts of the browser window, or
faking a system dialog box. Since IE4's "Active Desktop" and "View As
Web Page", MS has deliberately blurred the UI of "the Internet" and
the PC itself. All these commercial vendors need do, is simply use
the tools that MS has given them to trick and rob the user.

But commercial malware also makes use of code defects, such as those
within Java, to silently invade systems without any user clicks at
all. The only "fault" the user can be blamed for, is using a popular
but unsafe platform on the Internet, without becoming a SysAdmin
boffin on security, patching, etc.

And yet we have folks still pitching the party line that if you have
"spyware" on your PC, then it must be because you chose to install it.
How else could it have possibly have got there?

two products that are quite effective (at finding and removing this type of
scumware) are Ad-Aware from www.lavasoft.de and SpyBot Search &
Destroy from www.safer-networking.org/. Both have free versions.
It's even possible to use SpyBot Search & Destroy to "immunize" your
system against most future intrusions. I use both and generally
perform manual scans every week or so to clean out cookies, etc.

Yes, they are both very good - I also use Spyware Blaster to immunize
against known attackers (where "known" implies the usual process of
ongoing updates and re-application of newly-enhanced protection).

Additionally, manual removal instructions for the most common
varieties of scumware are available here:

PC Hell Spyware and Adware Removal Help
http://www.pchell.com/support/spyware.shtml

Formatting the hard drive to solve a virus or spyware problem is
rather like using an axe to trim one's fingernails. Sure, it'll
probably get the job done, but it's rather messy...., and almost always
unnecessary.

When you "just" wipe and start over, you invariably fall back to the
form of software that was originally considered "fit to ship" - i.e.
without subsequent patches (repairs) needed to block evolving attacks.

So you may be worse off afterwards, i.e. more likely to be infected.

-- Risk Management is the clue that asks:

"Why do I keep open buckets of petrol next to all the
ashtrays in the lounge, when I don't even have a car?"

 

[Guest]

ok

i have had

ad aware
spybot
bazooka
hijack this
spywareblaster
spy killer
security task manager
norton 2005 internet security
norton 2005 system works


these are all crap, i still get cool web search, home assisant, shopping
wizard, etc etc, comp running slower than usualy and u still think i shouldnt
reformat, if i do, yes i kinda know what to look out for to prevent it for
next time

 

[Leythos]

When you "just" wipe and start over, you invariably fall back to the
form of software that was originally considered "fit to ship" - i.e.
without subsequent patches (repairs) needed to block evolving attacks.

There are a couple things to consider in the wipe/reinstall method:

1) If you are not on a protected network when you wipe/reinstall you are
likely to get compromised before you finish the Windows installation, even
before you try and get the patches - A protected network is necessary, or
installation without connection to the network and then the installation
of a personal firewall before connecting to the network to get patches.

2) Routers with NAT for DSL/Cable users are cheap and provide a great
first barrier to compromise, they do nothing about malware, but they do
get you online without being compromised while the computer just sits
there.

3) Routers with NAT almost always provide a logging method that permits
you to see in/out bound traffic with detail - this is a great tool for
determining if you have a compromised machine on your network.

4) People need to learn to run as User level (limited) account types
instead of Administrator level account types - this one thing will benefit
most users more than anything else (except the router).

5) Many AV programs now detect malware and can remove it - Use a quality
AV product. Make sure that the AV product can scan in/out bound email with
the email program you use.

6) Use an alternative browser - or use Microsofts directions to put IE in
high security mode. HS mode for IE breaks most web sites, but it will keep
you from getting compromised while using IE on questionable sites.
Actually using an alternative browser like FireFox is a better choice,
while it's not exploit free, it is MUCH less susceptible to the typical
compromise methods the user will run into.

There are a bunch of other things, but nothing is going to stop spyware
being installed and running if the users want to run programs that provide
spyware as part of their packages - P2P programs are notorious for spyware
being included, and there is little reason to use P2P apps, but people
still do.

One last thing - while wipe/reinstall has been likened to using a sledge
hammer to kill a fly, it's the only method a typical user has that can
ensure that their system is clean.

 

[Leythos]

ok

i have had

ad aware
spybot
bazooka
hijack this
spywareblaster
spy killer
security task manager
norton 2005 internet security
norton 2005 system works


these are all crap, i still get cool web search, home assisant, shopping
wizard, etc etc, comp running slower than usualy and u still think i shouldnt
reformat, if i do, yes i kinda know what to look out for to prevent it for
next time

Have you tried to use the Add/remove programs to remove Cool Web Search?
It's one that normally permits users to remove it. You should run the
anti-spyware tools in Safe Mode (F6 at boot) in order to properly clean
your computer.

I use AdAwareSE (latest version) and Spy Bot Search and Destroy on
machines in safe mode - I download the updates and software to CD, then
install them in safe mode and run them (and the updates) if it lets me, I
also edit the registry of HKLM and HKLU for the RUN values - there are
often tons of entries that don't need to be there.

 

[Bruce Chambers]

I must break in at this point. It's absurd (in 2005) to suggest the
user "deliberately" installed this junk, even though that is supposed
to be the defence of commercial malware vendors.

Why is it "absurd" to report an informed opinion based upon years of
experience supporting computers in corporate, government, and home
environments? Nor do I defend any malware vendors, commercial or
otherwise. I simply point out that computer users need to pay attention
and take responsibility for their own actions.

And yet we have folks still pitching the party line that if you have
"spyware" on your PC, then it must be because you chose to install it.
How else could it have possibly have got there?

It's no party line. It's a simple statement of observation. I've
heard of claims of "drive-by" installations, but have never actually
seen one, nor have I ever met anyone who had actually seen one. A
computer would have to be left in an awfully "unsecured" state for such
an installation to occur. In *every* malware that case I've seen, the
installation of spyware relied upon the co-operation of the computer user.

If someone gets malware on their computer, be it a virus, Trojan, worm,
adware, or spyware, it's because the computer user failed to take the
proper security measures.


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Guest]

these are all crap, i still get cool web search, home assisant, shopping
wizard, etc etc, comp running slower than usualy and u still think i shouldnt
reformat, if i do, yes i kinda know what to look out for to prevent it for
next time

If it were me, I would reformat -- but only after thoroughly educating
myself on how this happened to your machine in the first place. All of this
crudware got on your machine because of choices you made, e.g. to use Kazaa
or similar malware, or to click on popup ads that you came across while
surfing the net, or to install "free" software that came at a pretty steep
price that they didn't tell you about. It didn't get installed by accident.
If you don't accept this fact and simply reformat, pretty soon you will again
end up exactly where you are now. This is definitely an area where an ounce
of prevention is worth a ton of cure.

Ken

 

[Guest]

If someone gets malware on their computer, be it a virus, Trojan, worm,
adware, or spyware, it's because the computer user failed to take the
proper security measures.

In my experience, this is true -- 99 percent of the time. There was one
time when I somehow got a virus upon visiting the ESPN website, of all
things. I didn't click on anything, I simply navigated to the sight and,
while it was loading, Norton told me that it had just blocked a virus trying
to download onto my machine. It happened years ago, and I don't rule out the
possibility that it was a false positive.

In every other case of adware or spyware I have ever heard of, it resulted
from a user downloading and installing files (including software programs
such as Kazaa as well as Active-X controls), clicking on a popup add, or
opening an e-mail attachment. These are all user-initiated, and therefore
user-preventable.

Ken

 

[cquirke (MVP Win9x)]

There are a couple things to consider in the wipe/reinstall method:

One last thing - while wipe/reinstall has been likened to using a sledge
hammer to kill a fly, it's the only method a typical user has that can
ensure that their system is clean.

Untrue. The typical user has NO method that can ensure their system
is clean, for time values longer than days to weeks.

That's how badly out of control things have become.

So users have to become untypical; either by building their own
skills, or getting someone to set up their systems properly.

-- Risk Management is the clue that asks:

"Why do I keep open buckets of petrol next to all the
ashtrays in the lounge, when I don't even have a car?"

 

[Leythos]

Untrue. The typical user has NO method that can ensure their system
is clean, for time values longer than days to weeks.

That's how badly out of control things have become.

So users have to become untypical; either by building their own
skills, or getting someone to set up their systems properly.

I disagree, the typical user DOES HAVE a method that they can use, in
fact, there is even a published MS document on how to get your computer
online and patched without it being compromised....

Things are only bad for the Ignorant and those unwilling to learn, after a
persons first experience with being compromised if they don't take
precautions and preventative measures they falling to that Unwilling class
and deserve what they get.

Users don't have to become "UnTypical", people like us have to not accept
that your average home user is just plain ignorant and/or doesn't care. I
choose to NOT accept that users are like that, I choose to inform them.
Kind of like people calling NAT devices firewalls - it's not correct and I
make that point each time I see it.

Users that purchase and expensive device and don't do anything to learn
about it are just part of the sheep that you can't protect from the Wolf.
There are simple ways to protect people home computers, such as NAT at the
Cable/DSL ISP MODEM (since almost every one of their modems has NAT
ability).....

Wiping the drive is the only way to ensure that a compromised system is no
longer compromised - that has no measure on keeping it uncompromised.

 

[cquirke (MVP Win9x)]

cquirke (MVP Win9x) wrote:

Why is it "absurd" to report an informed opinion based upon years of
experience supporting computers?

Because things have changed and are changing *within* those years, and
because it is untrue that all malware infections proceed through a
front door that the user has to hold open.

That's even allowing for the use of "malware" as a term limited to
commercial malware. Both stupid and ignorant users (and yes, there's
a difference) are more likely to be infected (or rather, are likely to
be more heavily infected) than careful users, and then there will be
some users who manage not to get infected at all.

Nor do I defend any malware vendors, commercial or otherwise.
I simply point out that computer users need to pay attention
and take responsibility for their own actions.

If that was all you were doing, I would not have pounced on you, but
it wasn't. You were implying that every malware infection is the
result of a user choosing to install the malware, and that's untrue.

I've heard of claims of "drive-by" installations, but have never actually
seen one, nor have I ever met anyone who had actually seen one.

That's almost proof of being out of the field, or in a very particular
subset of the field at large. I see that sort of thing all the time,
both in my own clients, and when reading up malware descs.

A computer would have to be left in an awfully "unsecured" state for
such an installation to occur.

You mean, exactly as considered "fit to ship" by MS and OEMs?

In *every* malware that case I've seen, the installation of spyware
relied upon the co-operation of the computer user.

I've certainly seen malware on both sides of that assertion - i.e.
pure clickless attacks, fake system dialog boxes, less overt false
pretences, to an outright "click here to install adware".

If someone gets malware on their computer, be it a virus, Trojan, worm,
adware, or spyware, it's because the computer user failed to take the
proper security measures.

We are associated with a vendor who ships products that were designed
to facilitate stealth installs via web sites, email and even Office
documents. In addition, these products so often have not-by-design
defects that facilitate attack, that limiting repairs to a
once-a-month basis is seen as *reducing* the patch load.

We are the last people who should be pointing fingers at users, for
the simple reason that what we patch today, may already have been
exploited for weeks already.

Yes, users have to be smart; smarter than they should have to be,
because of ongoing product defects and a legacy of designing software
for the benefit of potential attackers. But user smarts are not
enough, unless you forego many of the possible uses of the Internet.

Many of us do forego such uses, and this cuts down our risk exposure.
I'll leave it to you consider the uncomfortable real-world parallels.

-- Risk Management is the clue that asks:

"Why do I keep open buckets of petrol next to all the
ashtrays in the lounge, when I don't even have a car?"

 

[Bruce Chambers]

Because things have changed and are changing *within* those years, and
because it is untrue that all malware infections proceed through a
front door that the user has to hold open.

I've yet to encounter any malware that does *not* use a crudely hidden
front door, nor have I ever met anyone who has. (Of course, that
doesn't mean such can't exist, but must be awfully rare.)

That's even allowing for the use of "malware" as a term limited to
commercial malware. Both stupid and ignorant users (and yes, there's
a difference) ....

Yes, I know.

.... are more likely to be infected (or rather, are likely to
be more heavily infected) than careful users, and then there will be
some users who manage not to get infected at all.

I think that supports my contentions quite well, thank you.

If that was all you were doing, I would not have pounced on you, but
it wasn't. You were implying that every malware infection is the
result of a user choosing to install the malware, and that's untrue.

Not in my experience.






--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH