IRT > HelpCentral > Virus/Security > Malware


IRT

  • NEWS!!
  • About IRT
  • Facilities
  • Policies
  • Strategy
  • Metrics
  • Tech Updates

    • SERVICES

  • Computer Accounts
  • Computer Marketplace
  • Mass Mailing
  • Music Select
  • Telephone Services
  • Bb/Vista
  • Workshops

    • SUPPORT

  • HelpCentral
  • Networking
  • System Status
  • The Computer Fixer
  • Web/Media Support
  • Virus Information

    • SEARCH IRT:
     

    CONTACT IRT

    IRT SITEMAP

     

    Malware

    You don't want it!  You don't need it!  What do you do about it?

    These days, if you go on the internet, you're going to get some malware at some point.  In fact, chances are pretty good that you've already had a run in with it.  Spyware infestation is quickly becoming the #1 cause of help desk calls for many computer manufacturers.  If you've ever tried calling Dell, for example, you've probably been told that they can't help you with spyware because it's not their problem.  Where do you turn for help? 

    Many people turn to us in IRT for help, and we do what we can, but there's a lot that you can do yourself to clean things up (if you're already infested) and protect your computer from future or re-infestations.  There are a wide array of specialize programs out there designed to help end users like you to fight back against this onslaught.  On this page, we've compiled links to some excellent tutorials and resources to help you take your computer back.

    Malware Prevention
    Malware Cleanup
    Dealing With Browser Hijacks

    Malware Prevention

    As they say, an ounce of prevention is worth a pound of cure.  This is absolutely true when it comes to spyware and adware.  These programs most often install themselves covertly, surruptitiously stealing a clock cycle here and a chunk of memory there.  Over time, these bits and pieces add up and you're left with a sluggish, unresponsive system. 

    This scenario is preventable, though!  With a bit of planning, configuration, and a few small applications you can safeguard your system against the vast majority of malware threats.  Many of the current threats are based on malicious (or at the very least unfriendly) ActiveX controls that are built-in to certain webpages or linked to certain URLs.  When you end up on one of these pages, without software to block it, the default settings in some web browsers (Internet Explorer included) will allow this nasty code to execute and do its thing.  There are ways of tweaking IE's security and privacy settings to prevent this, but manually adjusting those settings can be very time-consuming and frustrating.  Thankfully, there's a program from JavaCool Software called SpywareBlaster that's designed specifically to protect you from this malicious content and help you to configure Internet Explorer's ActiveX settings easily.  BleepingComputer.com has a bunch of very well-done tutorials available, including one covering how to use SpywareBlaster to protect your browser from ActiveX-based malware.

    In addition to malicious ActiveX controls, there are all sorts of other dangers out there just waiting for you.  JavaCool has another program called SpywareGuard which provides the same level of browser protection as SpywareBlaster, but it handles only the non-ActiveX-based stuff.  Both of these tools, used together and kept up-to-date, provide a great deal of protection against many types of malware.  BleepingComputer.com also has a tutorial on how to use SpywareGuard to protect your browser from non-ActiveX-based malware.

    Go back to the top of the page.
    Find out how to clean up an existing problem.
    Need help removing a browser hijack.

    Malware Cleanup

    Ask yourself the following questions:

    • Has your browser's home page inexplicably changed?  (Note: Windows itself will occasionally change your homepage to the WindowsUpdate page if you haven't run WU in a while)
    • Do you get a bunch of popups as soon as you connect to the internet or open your browser?
    • Have you or anyone else installed any games, screensavers, etc, that were downloaded from the internet?
    • Does your computer seem to keep getting slower and slower?

    If you answered "Yes" to any of them, then you probably already have malware of some kind.  What you need to do now is get rid of it!  Two of the most popular and effective programs for doing this are Spybot Search & Destroy and Lavasoft's Ad-Aware

    Why use two different programs that do the same thing?  Just like SpywareBlaster and SpywareGuard (described above) protect you from different types of threats, different malware removal programs help remove different types of malware.  Sure, they both get rid of some of the same things, but there are certain threats that Spybot misses and Ad-Aware will pick up or vice-versa. 

    Spybot Search & Destroy is one of the oldest spyware-specific programs around and has developed into a very full-featured product.  Not only does it help to clean up the malware already on your computer, it will also help to protect you from re-infestation by monitoring and intercepting changes made to your browser settings or the Windows Registry.  For more details on how to install and use Spybot Search & Destroy to clean & protect your computer, check out the Spybot Search & Destroy tutorial at BleepingComputer.com.

    Even with all it's features, there are certain types of malware that Spybot Search & Destroy may not detect or remove.  This is where Ad-Aware comes in.  The personal-use version (Ad-Aware SE Personal) is free for personal, non-commercial use.  When properly updated, it does a good job of detecting & removing some threats that slip under Spybot S&D's radar.  It's also very simple to use, so even those who may not be the most computer literate folks around can use it with confidence.  To find out how to install and use it, visit BleepingComputer's Ad-Aware tutorial.

    Go back to the top of the page.
    Find out how to prevent future spyware and adware problems.
    Need help removing a browser hijack?

    How to deal with browser hijacks

    Just like virus and worm authors, the people who create spyware and adware are getting more and more creative every day.  Some browser hijacks have even begun using trojan-like methods to avoid detection and removal.  In general, Spybot Search & Destroy and Ad-Aware will deal with most of the malware you're likely to run across.  When you've run both of those and still have problems, though, you need something a bit more aggressive.

    There are dedicated tools available to deal with some of the more commonly persistent threats out there.  For example, CoolWebSearch is a hijack that installs as a seemingly helpful searchbar in Internet Explorer.  It may actually be helpful to someone, but I can guarantee that that someone isn't you!  Getting rid of it, however, is no easy chore.  Thankfully, a resourceful Dutch student came up with a removal tool designed just to rid you of CoolWebSearch called CWShredder.  He's since sold the code to InterMute for inclusion in there SpySubtract (commercial) software, but you can still download the standalone version of CWShredder here.

    If you've got another type of browser hijack, there's a more general-purpose tool available: About:Buster.  This tool is fairly effective at handling most of the common hijacks; at least, the ones it knows about.  You can read more about it at the MalwareBytes home page.  The usage instructions are right on the homepage and you download it using the Downloads link in the upper left.

    Finally, if nothing else works, there's one more program that might be able to help, but you need to tread carefully.  HijackThis, from the same author as CWShredder, essentially lays bare a whole mess of browser and system settings so that you can identify the problems and weed them out.  If, that is, you know what you're doing.  If you don't (and there's not shame in admitting that...until you've used HijackThis at least a dozen times or so, you probably won't know what you're doing), you can end up doing more harm than good if you just start plucking things out. 

    The right way to do it is to just ask for help.  When you run HijackThis, it generates a log file detailing every setting that it digs up.  You simply copy & paste that log file into a post in one of the many message boards out there dedicated to HijackThis and the helpful folks there will help you to decipher it and point out things that you should or might want to remove.  Whatever you do, do not just start checking and removing entries.  That's a great way to end up with a totally non-functional browser and/or computer. 

    You can download HijackThis from Merijn.orgBleepingComputer.com has a great tutorial on how to use HijackThis to clean up browser hijacks, including a link to their own message board where you can post your log file for help.  Like I said, though, there are many, many other boards out there to choose from.  Here are just a few others:

    If you choose to use HijackThis, I cannot stress enough how careful you need to be.  It's an extremely powerful tool, but just like other powerful tools, it can be dangerous when not handled properly.  I'm not trying to scare you off, just making sure you're well-informed.

    Go back to the top of the page.
    Find out how to clean up an existing problem.
    Find out how to prevent future spyware and adware problems.

     Modified: August 20, 2008 Home Contents Index Contact Us Search Feedback / Corrections