So, you, your child or your spouse accidentally installed a program, toolbar or something else, and since then your computer has been acting a little (or very) off. Your browser’s homepage has been changed, all kinds of ads are popping up when you’re browsing, and so on. It is possible that you have what is commonly referred to as a Possibly Unwanted Program, or PUP.
How can I tell if I have PUPs?
Generally, the first part of a PUP is installed because of something you choose to install. It might be a program (like Conduit Search, a toolbar, Coupon Printer, or something else) that is packaged with another program, and you simply forget to uncheck it when you are installing that other, legitimate program. Other PUPs can sound like something that might be useful, like a driver management program, or anything else that the makers feel might sound useful and attractive. Many PUPs get installed merely because you are trying to download something and mistakenly click on a download button that is part of an ad.
Some things that can indicate you have PUPs: your browser is using a search engine other than Google.com or Bing.com (and you don’t remember changing it to something else), your homepage opens to a page you are not used to seeing, pop-up ads appear on websites where there are usually none, and your computer is much slower to use. These things can reflect that you have other malware as well; however, most of the malware I have been encountering recently has been PUPs. It is important to realize that if you have some of these symptoms, such as a different homepage or default search provider, and you just change them back, you didn’t remove the program; you just removed some of its symptoms.
How can I remove PUPs?
Different programs may require a different removal process, but there are some tools you can run that will effectively remove many possibly unwanted programs.
First, restart your computer and boot into Safe Mode with Networking. Most of the computers that Great Lakes Cru uses are Dells, so to get to the option to boot into Safe Mode, enter your encryption password like usual, and a millisecond after hitting Enter, start repeatedly mashing the F8 key. If you don’t have TrueCrypt encryption on your computer, you can just start hitting F8 after you start up your computer.
After you are booted into Safe Mode with Networking, go to http://www.bleepingcomputer.com/download/adwcleaner/, then download and run AdwCleaner. When it comes up, click the Scan button on the left. After it is finished scanning (the Scan button will turn grey), you can check the tabs under Results to see if it has selected anything you want to keep. However, in my experience, everything that is selected by AdwCleaner for removal is something you aren’t going to miss. Then click on the Clean button. After it is finished cleaning your computer, it will prompt you to restart.
Then, go to http://www.bleepingcomputer.com/download/combofix/ to download and run ComboFix. Allow it to do anything that it asks to. After it has finished running, restart your computer.
Go to http://www.bleepingcomputer.com/download/junkware-removal-tool/ to download and run the Junkware Removal Tool. Allow it to do anything it asks to, and when it is finished, restart your computer.
If you don’t already have Malwarebytes installed, go to http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to install Malwarebytes. When you’re installing it, the free version is all you need. Allow it to receive any updates it asks for, and then run a full scan.
Finally, run a full scan using your antivirus software.
There are additional tools on the bleepingcomputer.com site, and most of them are good tools, so if you want to try any other tools, go for it. However, if you are unsure about trying a tool, ask Kristin from the Zero Canvas team, or the Digital Strategies team, for help. Likewise, if any symptoms still persist, seek the help of someone more knowledgeable in dealing with malware; you may have something else, or it may be a PUP that is particularly hard to remove.
How can I avoid getting PUPs?
The best way to avoid getting PUPs is to be careful what you click on online, to install only programs that you know you need (asking someone who is more tech savvy if you aren’t sure about a particular program), and, when you are installing legitimate software, to read each step of the installation process so you can opt out of any bundled toolbars or software. In addition, you can install the Web of Trust add-on in your web browsers, so that you have a better idea of the reputation of the webpages you visit.