Keep your PC masks on, people, I got spyware. Yep, I was in the middle of browsing a website and one of those “please take a moment to view our sponsor” ads came out. You know, the ones that AdBrite likes to show you - the full-page ones. Anyways, my browser immediately broke out of the iframe and redirected me to some other site. My antivirus software AVG said it detected malicious activity so I immediately closed it.
I thought nothing of it… No big deal… My antivirus caught it, so I was safe.
A minute later, I get this pop-up:
This may sound a bit dorky, but I kind of chuckled to myself because:
1. My Windows XP system and software are completely up to date.
2. My antivirus/antispyware is also up to date.
3. I realize that this spyware is using some kind of 0day exploit to get into my system - which is cool.
4. I also realize how easy it is to get infected, even if you are super careful.
So what do I do? Well, I do what any technician does, I fix my own computer. Here’s what I did:
First I download all my software, install it and update it. Then, I make sure to disconnect my PC from the internet / network by unplugging the network cable. Why? Because some spyware is considered a downloader, which means it runs in the background and starts downloading more junk / spyware onto your PC – I don’t want this to get out of control. Sounds like fun, right?
SuperAntiSpyware
I update my SuperAntiSpyware definitions and proceed to scan my PC. It takes a little while, but gets the job done.
ComboFix
I downloaded the latest ComboFix from their website. This is by far one of my favorite pieces of software that kicks spyware/rootkits in the ass. Once I downloaded the file, I immediately renamed it to cf.exe or something other than combofix.exe – Why? Because spyware knows its enemy. Some spyware detects programs like combofix.exe and immediately kills them before they can run. After renaming the file, I run it.
It scans through and finds some stuff. Great! Scan time depends on how badly you are infected. Sometimes, if your computer is really jacked up, it won’t boot properly after being cleaned.
Spybot Search & Destroy
This software has been around for a while. It’s still maintained and updated often. I like it.
After running this one last piece of software, it looks like I’m in the clear.
If I wanted to further clean my PC, I COULD use CCleaner or HijackThis. But honestly, my computer runs just fine. Many of the guys I work with are able to manually delete spyware and can easily recognize common spyware filename patterns. Truly amazing.
I hope this may have been of some use to you. =) Sorry, it’s brief, but I jammed it out during lunch.







