Spyware, Malware, Adware, Ransomware... the annoying family of software we all hate has a variety of flavors, but they all essentially do the same thing. They get installed on computers, make our days miserable, and slow us down. "How did it get there?" is a question best left to answer once the spyware is gone.
We see spyware infections on computers multiple times a week. Some are trivial to get rid of, while others require some pretty advanced registry editing.
If you've gotten infected with spyware, here are some steps you can take to get your system back to health:
- Run rkill
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections. When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies that stop us from using certain tools. When finished it will display a log file that shows the processes that were terminated while the program was running.Why: Things don't clean/uninstall well when they're running. Instead of rebooting the computer and taking it off the network, this program kills the processes, checks the firewall, combs the registry, and some other nifty things. Saves time.Download latest: http://www.bleepingcomputer.com/download/rkill/dl/10/
- Run Adwcleaner
AdwCleaner is a program that searches for and deletes Adware, Toolbars, Potentially Unwanted Programs (PUP), and browser Hijackers from your computer. By using AdwCleaner you can easily remove many of these types of programs for a better user experience on your computer and while browsing the web.Why: Fast, reliable, works. No nonsense.Download latest: http://www.bleepingcomputer.com/download/adwcleaner/dl/125/
- Run Malwarebytes Anti-Malware
Malwarebytes is a light-weight anti-malware program that is excellent at removing the latest detections. This program is recommended as a support product for your normal anti-virus program.*Note: I do not enable the trial unless the user plans on purchasing, or it's highly likely I'll need to scan again (NSI, for example) If they do want to purchase, it's $25 for 3 computers for 1 year.**Next Note: As soon as you install, it will ask you to update the detection database. Do this. Now, aren't you glad you ran rkill? (you did run rkill, right?)
***Last Note: Sometimes the DB update will require a new install of MBAM (bleepingcomputer.com is not always up-to-date).
Why: MBAM is relatively bloatless, and does a great job at weeding out spyware. It does a pretty deep intense scan that can take some time.
- Remove Malwarebyte Anti-Malware (unless user purchased or wants to do trial)
The Malwarebytes Anti-Malware Cleanup Tool allows you to completely uninstall Malwarebytes Anti-Malware in the event that you are unable to uninstall it properly from the Windows control panel. When this tool runs it will search your computer for installations of Malwarebytes Anti-Malware and remove it from your computer.Why: Faster/cleaner than running the uninstall. The non trial version doesn't include real time protection, and with the updates being so frequent, might as well just reinstall.Download latest: http://www.bleepingcomputer.com/download/malwarebytes-anti-malware-cleanup-tool/
The Best Defense Is Always A Good Offense
Protecting your computers is always the best thing to do. Windows Defender (which replaces Microsoft Security Essentials in Windows 8) is a good place to start. For Riptide's Managed Services customers, we deploy agents on computers that actively scan systems looking for particular malware. Once found, the file is locked, and we're notified. Often times the end user isn't even aware of the spyware attempt on their computer.
For more information about how Riptide Managed Services can help you and your company, Contact Us today.