Budget Computing

Friday, April 15, 2005

Secrets of Spyware Removal

Last night at around 9, my neighbor called to ask if I knew anything about viruses. Seems his Web browser was all messed up. I immediately suspected spyware, and after a quick house-call (that's just the kind of good neighbor I am), I was proved correct. His system had spyware by the truckload: GAIN, CoolWebSearch, Claria, and lots more. His browser was so hijacked, we couldn't use it to download any spyware removal tools (big surprise).

So I dashed home and burned a couple utilities to a CD: Ad-Aware SE Personal and Microsoft's Windows Antispyware beta. We installed the latter first--it's a polished and robust tool, especially for a beta--and let it loose.



After about 10 minutes, the software revealed over 5,000 bits of spyware code. Wow. We put it to work removing and/or quarantining all this gunk--only to find that the browser was still hijacked. At this point I needed to head home for the night, so we resolved to pick up again in the morning.

Today my neighbor told me that he'd run Windows Antispyware several more times. Each time it found fewer and fewer spyware strains. Eventually, the system was purged (and protected, thanks to the software's real-time monitoring). His browser is now fully functional (though I urged him to download and use Firefox, which is much more spyware-resistant).

The moral of the story? Well, there are several, but the key one for today is that you may have to run your spyware-removal utility more than once to fully eradicate the bad code. It may not catch everything on its first, second, or even third pass.
