What computer geek hasn’t had to deal with the removal of spyware/adware from the computer of a friend/family member/client/stranger/etc.? I was hired to tame a an unruly computer at the mall, what should have been quite simple turned into something interesting enough for me to post.
After receiving a call from someone who was having trouble at work with their computer, I uploaded the current versions of SpyBot (SB) and AdAware (AA) along with the most current definitions to my USB flash drive (I always have a copy of Firefox as well). Then I hit the road, I got to the mall early, so I got lunch at Hot Dog on a Stick (they have the best cherry lemonade). When I got to the job I was shown the computer and given an explanation of the problems they were experiencing. I sat down and got to work. I installed SB and scanned the computer, it found about 50 things. I rebooted and installed AA. AA detected around 150 things, which I told it to remove. That took a while for those programs to scan and remove all those problems, but there was still an annoying pop-up for some damn German porn site (free-webspace.biz/juvenile) which appeared every time the computer connected to the Internet. My client was also having issues connecting to the Internet because they had just installed DSL (which was totally unrelated to the computer problems). I searched Google (which wasn’t easy because I kept getting booted off), but I found that no one seemed to have a clear idea of how to remove it. I ran msconfig and began searching for weird entries. I found a few additional problems, but no solution to the Euro problem. I was getting quite annoyed, so I took a break and had dinner with one of the firm’s employees.
Dinner was quite nice and I felt ready to kill that stupid website once and for all. I searched some more online, but I still came up empty. Time to check out the Windows task manager. I noticed a couple of processes that looked unusual, but after some research I found that they were ok. Finally, I found “figgaz.exe”, it turned out to be a known bad program. I killed the process and searched the computer for “figgaz”. I found 2 files, one in Documents and Settings for the current user and another file located in C:\WINDOWS\Prefetch begining with “FIGGAZ…”. After deleting the files and rebooting the computer, I connected to the Internet. The German site did not pop up, w00t!
The basic steps to find spyware/adware:
SpyBot > AdAware > msconfig (be careful) > Task Manager
No user commented in " Cleaning up Windows Droppings "
Follow-up comment rss or Leave a TrackbackLeave A Reply