Need some advice regarding spyware removal

Discussion in 'Windows Desktop Systems' started by Punkrulz, Nov 11, 2004.

  1. Punkrulz

    Punkrulz Somewhat eXPerienced

    Messages:
    790
    Location:
    Woodbury, NJ
    Hey guys,

    I have been designated the lead Installer for computers at Circuit City. We had someone that was doing it before, but now they feel that senior members need to be out on the floor, so here I am. I just started doing installations on Sunday, and I'm trying to gather a bunch of ideas on the best way to do things.

    One of the things that we do is a system tune up. That includes removing the junk software that comes with a computer when it's new, or old if they haven't gotten rid of it, such as ads, installers, etc. Another thing we take care of is spyware removal, and that is where this post is coming in. I have seen what two different people use in order to remove spyware.

    One of them told me that they have used Ad-Aware in the past and that it has destroyed computers when you uninstall it. They suggested that I use a program called Web-Root. I personally have used Ad-Aware in the past and I have never had any problems what so ever. Nothing but flawless performance. Webroot when I first used it was ok, but it's a demo program and the other day when I was at work it was horrible. The other told me it's ok to use Ad-Aware. When I used Ad-Aware I was blown away by the performance, so that's always a plus.

    But here's where I want your suggestions. What software should I use to take care of these system tuneups? I need something that is going to work well the first time around. I have a little thumb drive that I carry around at work that is going to be having this software on it, so feel free to recommend a few things and why. Now I've also been going through and turning off some Startup Spyware as I see it. What do you guys thinks about that? And lastly [none of this is in any particular order] I would go through Add/Remove programs and remove some spyware items that I have seen, and some programs that the customer may not use / or the software is harmful or closing slowdowns.

    If you were tasked with a "system tuneup", what would you clarify that as? What would you personally do for this?
     
  2. Kush

    Kush High On Life!

    Messages:
    4,590
    Location:
    Montreal, Quebec
    ok, this is what i do and it always works great for me, use ad-aware, spybot, and then install service pack 2 if they are running windows xp, or the latest service pack for the windows they are using in that matter, and then use perfect disk and defragment using the smart placement online defragmenting, and also the boot/offline defragment, this will make the computer much faster then it was before
     
  3. Punkrulz

    Punkrulz Somewhat eXPerienced

    Messages:
    790
    Location:
    Woodbury, NJ
    Perfect disk? Smart placement online defrag? What are those... I know what defrag is, but didn't know you could do it online.
     
  4. ThePatriot

    ThePatriot -=[BOHICA!]=- Political User

    Messages:
    1,742
    Location:
    Pennsylvania
    I agree with mafia. We use the AdAware/Spybot combo on our customer pc's here at work and it does a pretty good job. We also load the Google toolbar (for the popup blocker component).
     
    FishBoy likes this.
  5. Punkrulz

    Punkrulz Somewhat eXPerienced

    Messages:
    790
    Location:
    Woodbury, NJ
    I've been thinking about loading the Google Toolbar, I am going to gather a general concensus from the people at work to see if when they did installations in the past should I install that. I have it on my thumbdrive, so it's just a matter of getting it onto the computers... but with some of the computers I've been dealing with last night, it's going to be a vital component.
     
  6. well i'll explain that one in more details, on perfectdisk you can see all the hard disk drives you have double click them one by one and check the "aggressive placement .....", then click on defragment select the 1st option in the dialog box and select the check box at the bottom that says use that option everytime and let it defragment, when it finishes click on "offline defrag" and reboot the system it'll defragment system files, hybernate files, and meta files before starting windows
     
  7. j79zlr

    j79zlr Glaanies script monkey Political User

    Messages:
    2,725
    Location:
    Chicago
    Shouldn't they train employees who are getting paid for removing spyware?
     
  8. Punkrulz

    Punkrulz Somewhat eXPerienced

    Messages:
    790
    Location:
    Woodbury, NJ
    There isn't really anything to train on. I hope you're not suggesting that I'm incompetent for the position. This is all strictly a judgement call on everything that we do as installers when it comes to the System Tuneup. I'm asking my questions because everyone is going to have their own thing that they do. I'm trying to combine the information for the best job possible. I personally use Adaware and Spybot [pending if it works], turn off everything that isn't necessary in msconfig, and do uninstallation, which for the most part is what we do at Circuit City. However there is always something that someone does, or knows about, that can make it a little bit better, and that's what I'm digging for.
     
  9. j79zlr

    j79zlr Glaanies script monkey Political User

    Messages:
    2,725
    Location:
    Chicago
    I'm not suggesting that at all, I was just simply stating that I figured that a large company like best Buy, Circuit City, etc. would have a specific method that you would follow. Personally I thought that they just formatted all the PC's that came in to them.

    If you really want to remove spyware, you must learn HijackThis. It is probably the best app in a person who knows what they are doing's hands. My Spyware removal kit contains:

    Spybot S&D
    HijackThis
    CWShredder
    Lop.com uninstallers
    VX2Finder
    LSPFix

    With those you can pretty much get rid of 99% of spyware.
     
  10. Kush

    Kush High On Life!

    Messages:
    4,590
    Location:
    Montreal, Quebec
    then also install mozilla firefox, and explain to the customer why u put it so they keep on the system, tell them also to spread the word, so we can fight spyware :)
     
  11. Punkrulz

    Punkrulz Somewhat eXPerienced

    Messages:
    790
    Location:
    Woodbury, NJ
    Jay79, What are these:
    Lop.com uninstallers
    VX2Finder
    LSPFix

    I have never heard of them. I know HiJackThis within reason, I placed it on my thumbdrive for access as well... but I can only do that with limited capability. I don't know all of the bad stuff that is listed from the HiJackThis log, and I don't really have the time frame to be able to scan their computer, post the log on a message board [I usually use techguy?] and wait for an answer as to what to delete. :(

    Here here for Mozilla Firefox!
     
  12. j79zlr

    j79zlr Glaanies script monkey Political User

    Messages:
    2,725
    Location:
    Chicago
    lop.com is the nasty spyware that messenger plus installs. So it is fairly common, lop's uninstallers actually work.

    VX2Finder is used to find vx2.a.better.internet spyware, not as common anymore as it once was, but I still scan for it.

    LSPFix will fix a broken LSP chain usually caused by New.Net when removed with adaware. This is the most common reason for no internet access after removing a bunch of spyware.
     
  13. Steevo

    Steevo Spammer representing. Political User Folding Team

    Messages:
    2,566
    I just had my first run in with new.net the other day. LSPFix works easy.


    I will agree with all of teh recommended tools above.
     
  14. Punkrulz

    Punkrulz Somewhat eXPerienced

    Messages:
    790
    Location:
    Woodbury, NJ
    Hmm... I remember removing spyware before and not being able to access the internet, but I forget how I fixed that issue in the past... Do you have links? I'm at work right now until 8pm, but I can google them when I get home... I guess that would always be beneficial to have in my arsenal... it kind of sucks though that I have never known about that until now.
     
  15. j79zlr

    j79zlr Glaanies script monkey Political User

    Messages:
    2,725
    Location:
    Chicago
  16. Punkrulz

    Punkrulz Somewhat eXPerienced

    Messages:
    790
    Location:
    Woodbury, NJ
    Thank you sir, and sorry for jumping down your throat, I took what you said the wrong way. :p
     
  17. Punkrulz

    Punkrulz Somewhat eXPerienced

    Messages:
    790
    Location:
    Woodbury, NJ
    Spoke with someone else from Circuit City today, they put him doing installs since I wasn't working and he wasn't doing much of anything. This guy has been working on computers his whole life [old guy], he's MCSD Certified. He gave me some of his opinions [except he tries forcing them as facts.]

    Here's what he does, and this is step by step in order what he does to make sure he can remove spyware from a computer.

    1) Prevent the computer from going online.
    2) Delete all temporary internet files, cache, cookies, etc.
    3) Kill any known processes that you think may be spyware running atm.
    4) Install the latest norton. Do a full system scan, see what "threats" come up. He prefers doing norton, he feels that programs like Spybot, and Ad-Aware can destroy computers when you uninstall the programs -> they destroy the registry apparently [I choose not to believe him, I haven't had any bad luck].

    Now he really didn't go any further, but I'm trying to get the full process...

    j79, What do you do, step by step, in order, beginning to finish, to completely "tune up" a system, remove unnecessary files, clean up spyware, clean up startup, etc...

    Yes, I sound like a newb guys, but my disclaimer is that I have my own ways of doing things. Now I'm going to be doing this on a higher level on customer's computers representing a corporation. I am trying to compile every little tidbit of information from everyone to basically make a super tuneup, by incorporating great strategies by many people into one strategy...

    So no, I'm not a newb. :)
     
  18. LordOfLA

    LordOfLA Godlike!

    Messages:
    7,027
    Location:
    Maidenhead, Berkshire, UK
    I have a few things to chime in with here.

    1) AS lead installer you should know about all these tools already
    2) AS lead installer you should be confident in your own skills and experiance rather than strangers you've probably never met on a tech forum where alot of the people are clueless - and yes that means you can consifer me clueless too until you meet me in person to verify othewise
    3) Never trust a MS certifed person, that just means they jumped through hoops for 3-6 months and know ****e all else
    4) Just cos a guy is old and has worked with computers all his life doesnt mean he knows alot, he's probably got stuck in a certain rut, and judgind on your comments about the guy placing all trust in norton, that just about justifies my point.
    5) The more you say you're not a n00b just makes you sound more like one.
    6) As a hint: Ad-Aware, Spybot, Giant, Pefect Disk, Kaspersky AV or AVG Free edition, Sun Java 1.5, XPSP2, 2000 SP4, Update drivers, CCleaner (ccleaner.com), Tune Up utils 2004
    7) You want fries with that
    8) Have a nice day

    :D
     
  19. j79zlr

    j79zlr Glaanies script monkey Political User

    Messages:
    2,725
    Location:
    Chicago
    I usually:

    1) Install/update then run Spybot first, let it kill known problems.
    2) Run CWShredder letting it fix everything
    3) Run VX2 finder, have it clean and restore reg if there are problems
    4) Run HJT, fix problems.
    5) Boot into safemode, clean TEMP locations, and delete files identified with HJT
    6) Uninstall Norton or McAfee if its installed, then install AVG, update, scan.
    7) Install Sun's Java
    8) Redo 1-6 and make sure everything is clean.
    9) Get all Windows updates, also Office updates if installed.
    10) Defrag
    11) Collect money

    If someone has problems with Spybot then I don't know what they are doing but it is 100% safe. I do not use AdAware simply because I can find the problems with HijackThis and I'm used to SSD. I just use Spybot as a quick cleaning tool, and it can find reg entries and folders/files that are left from some spyware but not necessarily harmful.
     
  20. yoyo

    yoyo _________________

    Messages:
    1,557
    J79, you really should have a look at AdAware again. In my opinion it is far better than Spybot now.

    Did some tests lately and infected my test installation heavily. AdAware found 500 problems and removed them. One of the nasties a CWS random number sp.html. Adaware removed the service and all files. Must say I was impressed. The spybot check afterwards came out clean.