How to get rid of spyware and use the web correctly

Unfortunately, I spend most of my time (in terms of a real job) as a sys admin. I prefer to think of myself as a programmer by nature, but my current job life has evolved into more sys admin than anything else.
With this related work, it has come to my attention from watching users, both here and in homes, interact with their web browsers (here at work most everyone uses IE even though I have repeatedly told them to use FireFox when possible).
I have also watched the stats on this and other sites to see how people come in to the sites.

Things I have noticed:
1) people tend to have multiple toolbars installed on their browser, and when asked they usually don't know how they got them, nor how to get rid of them
2) people tend to use these toolbars to get to a page instead of typing in a URL into the address bar

From what I can tell, these two things go hand-in-hand. There are various spyware programs out there that people install without knowing (in IE) and these things override anything you type into the address bar. I could type in "http://www.spamblogging.com" into the address bar on their systems and it would sputter and jerk about, eventually going to another site which is showing them all ads and a search page. The truly clueless will then type "www.spamblogging.com" into the search page there and get to this page that way - usually after clicking around on the links first before getting to that point. This cluelessness makes money for the person running that page.
Eventually that user may notice that one of their toolbars has a search dropdown as well and if they type "spamblogging" into that first, it takes them to a search page and one of the options in there will probably be the page they want to get to. Then they click on that and they get to the page.

It blows me away that people put up with this. But after removing spyware from so many machines, I have simply gotten burnt out and I no longer care. I shake my head and give up on the person. If it is the first time I see this happen, then I will probably try to educate them on how to remove the spyware and then more importantly how to avoid getting it again. This is a crucial thing to know and remember, yet they never do - I have not once in the 300+ people that I have worked with (just in dealing with spyware and spam over the years) - ever seen anyone actually catch on and not get spyware again.
What they do learn is that no matter what they do, they can just ask me to fix it again for them and they can get back to banging on the keyboard and clicking "Yes/OK" to absolutely anything that pops up on their, regardless of what I had tried to teach them.
So I have simply burnt out and given up. Unless they are in the office, I refuse all outside work now and will not help people after having already helped/educated them.

They will say to me that their machine is slower than it was when they bought it and they think they need to buy a new machine. I look at them and have to remind myself that they are successful in their life and jobs and can't possibly be mentally retarded, yet everything they are doing sure seems to point that way. I then chide myself for being such a jerk and I tell them the following things, the same things that I will tell you here and hopefully eventually people will catch on.
Either that or I will be killed in a tragic bus accident and not have to do this anymore.
1) Computers don't just go bad over time. Sure, hardware fails - usually either the monitor after 5 years (with a wonderful BANG! and some smoke, or a less dramatic discoloration of the screen), or with a spectacular "sproing!" the hard drive may fail. But the computer doesn't just slow down dramatically with age like some retired football player thinking back to the glory days.
If your machine is slower than when you bought it and your net connection drags, it is nearly 100% likely due to you having viruses/spyware/trojans/etc (malware) on your system. They are taking up RAM on your machine, occupying the CPU, and flooding your network connection as they do all sorts of bad things.
2) Buying a new computer will not solve your problem. It will briefly allow you a break from the awful drag that your other computer had become, but since you have not changed your computing ways you are going to soon enough have all of the exact same problems again - and much sooner this time since you don't have the luxury of the lead time of spyware to be developed. It is all out there, it fooled you once, and it will fill your new computer in a month or less if you haven't changed your ways.
3) Be honest with computer people. If you lie to them, they are going to know it when they work on your system, and if they are as jaded as me it will just piss them off. Don't tell them that you never click on pop-ups and that you have never installed anything other than boxed software which you bought in a store. Don't tell them that you don't use file sharing programs when you clearly have Kazaa on your machine - and not even the Light version. (to be fair, if the system is used by a family, frequently the parents really haven't done this, but there is a child in the family that has - make them aware of that - although that too will be denied 9 times out of 10 - trust me - "Our Johnny would not install that on here, I have told him not to." Right)
4) Don't use Windows. The easiest and fastest way to a virus and spyware free life is to buy a Mac. It costs more, but you don't have to worry about this crap. If everyone does that, then spyware and virus writers will go after the Macs and it won't be as nice - but it is a long way off at this point. Buy a Mac and shut up.
5) If you do use Windows, the built in Firewall is a funny joke that Microsoft put in there so that back at their headquarters they can high five each other and occasionally say "remember that firewall thing we put in Windows XP" and then all start laughing. It is crap, don't rely on it. Get a hardware device - due to mass production and competition in the market, they are cheap now - especially considering how much it helps you once it is in. Read the manual and follow the instructions, you CAN do it. They aren't trying to hide it from you, and you went to school - you can read. Read the manual, click on the buttons, it isn't that hard. This also will allow you to have multiple machines on the network - you don't need a separate DSL connection for each machine. Don't ask me to help you set that up when you can put in a router/switch/firewall device that does this for you. Hell - go nuts, get a wireless one.
6) To get the spyware off, install well known and trusted anti-spyware programs. Don't pay for anything or install anything until you have read around about it FIRST. I have a user here at work who did a search (in one of his toolbars which he didn't install) for "no spyware". The first hit that came up, he clicked on, found a link to download the product and did just that. The download finished, he installed it and there was a popup telling him he needed to pay for it. So he did - here's my credit card now get to work. THEN he started reading reviews about this bit of software, and THEN he found out it was a scam and didn't work and continually charged him fees, and THEN he came to me frantic and wanted me to fix all of this. (the worst part is that when I confirmed that it was in fact a scam and that he needed to cancel that credit card, he was in denial and told me that he thinks he can still trust it - and was charged a lot of money that month - and then blamed me for it - THANKS!) AdAware is one you can trust.
But much much much MUCH better is to actually learn about the damn things and get rid of it yourself. Right click on the taskbar (don't know what that is? LEARN and then bask in the chorus of angels singing when you are that much smarter about this device you put your credit card info into on a regular basis but have no clue how to use) and select "Task Manager". Go in there and find the process listings and make sure you check the box to see all of the processes. Oooo, exciting - look at them all. In there, you will see the names of processes running on your system. Look up on Google every single process in there and read around to see what that process does. If it is spyware or a virus, it will turn up in those searches, and you should make note "process XYZ is virus ABC - I should remove that". Go through them all that way.
Now, go to Start and then Run. In there type "msconfig" - that will bring up a program called (hold on to your seats) "msconfig". It is the System Configuration Utility. In there, go to the "Startup" tab.
This will show a listing of everything that will be run when your machine is started up. Go through every single listing there and do a Google search on it. If it is anything even remotely bad or something you don't use - uncheck the box next to it.
Then when you have gone through them all and done this as necessary, click OK to get out - agree to whatever it warns you (it is going to let you know that you made some changes and warn you that this might change things... no way! - this is fine and what you want agree to it and move on with life - hell, blindly agreeing to popups in the past is what got you here in the first place, you should be used to it). Now restart your machine.
Because you turned off those programs, they aren't going to startup in memory and therefore your resources should be freed up to use the machine without it being as slow. They are still on your machine, but they are dormant - without a startup call to them, they are crippled.
When you restart, you will probably see some message warning you that you changed your config - click that yes it is fine and don't warn you about that again.
Now run a virus scan on your machine (don't use your built in one since it can be compromised by trojans which you probably have - go to http://housecall.trendmicro.com and use their free virus scan there. Then restart. Then run your anti-spyware software, then restart.
Then go to Start and then Config Panel. In there go into "Add Remove Programs" and do a Google search on every single program in there - if it is anything remotely bad or something you don't use - remove it.
Then restart.
Then go to Start and then Programs and then "Windows Update". Run that and restart as it requests until it no longer finds any updates for you to do.
Right click on "My Computer" on your Desktop and choose "Properties". In there, select Automatic Updates and make sure that it is on "Automatic" and with a schedule of "Everyday".

After all of that, you should be okay (or at least better). You then just need to remember that you probably don't need a thing in your taskbar that tells you what the weather is outside. And if something pops up and asks you if you want to trust something from some company - make sure you really know what that is - default to writing down what it is asking you, clicking cancel - doing a Google search on it - and then if it turns out to be okay - then go back to that page, reload it and then allow it to install - but still be skeptical of it.
And use FireFox instead - if a page just won't work at all - then use IE.

OR

Or you can just keep hiring someone like me to come over every week and fix your machine until they snap and can't take it any more and then they post some bitter, jaded, cynical, malcontent, misanthropic rant like this on their website and stop taking your calls.

Posted by Eric at March 1, 2005 09:54 AM | TrackBack