20 September 2007
Ad-Aware 2007
For a considerable time, I have been touting the virtues of Lavasoft’s Ad-Aware Personal Edition to aid in the removal of spyware and adware. Earlier this year, Lavasoft introduced its latest edition in three different packages – Ad-Aware Pro, Ad-Aware Plus, and Ad-Aware Free. The major differences between the two paid packages (Pro and Plus) and the Free version are the Automatic Threat Updates and Real-Time Monitoring. You can see a complete comparison chart here.
Most of you will be served by the free version, which can be downloaded from Lavasoft's Website here. Once you have downloaded the program, you can install it easily. Simply follow the on-screen instructions. The first time you run it after installation, you will be asked for Licensing Information. Click cancel, unless you wish to purchase the product.
Updating Definitions
When Ad-Aware starts, the System Status Protection screen is displayed.
Note that “Real-time protection” will be off unless you have purchased
one of the upgraded versions. Automatic updating should be on. If Ad-Aware
has not mentioned that your anti-spyware definitions are out-of-date,
you can still manually update by clicking the “Update” button. The anti-spyware
definitions are akin to the virus definitions used by your antivirus
program and should be kept up-to-date. This procedure will require an
Internet connection. If you are not already connected, do so.
When you click “Update,” Ad-Aware will tell you that your definitions are outdated and ask if would like to update the files. Click “Yes.” If software updates are also available, click “yes” to get them. When the Update Manager appears, click the “Download” button. You will be notified when the update has been completed. Click “OK” to close the manager.
Scanning for Spyware
Be sure to update before scanning. Click the Scan button in the lower
right corner of the status screen to begin the scan. On the next screen
you
will
be
asked
to select
a scan
mode. Choose either Smart Scan or Full Scan.
- Smart Scan
The Smart Scan is a fast system check that scans only the most critical sections of your system. The Smart Scan will scan your memory, registry, cookies, favorites, and Hosts file. The directories scanned are Windows, Temp, and Program Files. The Smart Scan does not scan archived content.
This scan mode should only be used for daily system maintenance; use this scan if you are sure that your system is clean and you have performed a Full Scan or an in-depth Custom Scan on your main hard drive at least once during the past month. If this is your first scan, you suspect that your system has become infected with suspicious content, or you have used another anti-spyware product prior to installing and using Ad-Aware 2007, you should perform a Full Scan.
- Full Scan
The Full Scan is an in-depth scan mode that thoroughly scans your entire system including all local drives. We recommend using the Full Scan when you use Ad-Aware 2007 for the first time, and at regular intervals to ensure that your system is clean.
The Full Scan takes longer to scan your system than the Smart Scan, but is more likely to find infections that have been installed on drives other than your main hard disk or in your archives. In addition to the areas scanned during a Smart System Scan, all fixed drives and archive files are scanned.
- Custom Scan
Custom Scan scans your system using your pre-configured settings. You can customize Ad-Aware 2007 to scan specific sections or directories. (This option is unavailable in the free version.)
After the scan is completed, you will be presented with options to "Show Logfile" and to proceed to the "Next" step. Make your selection and, if you choose to view the log, simply use the "back" button to return you to the previous screen. When you click the "next" button you will open the results screen where you can review the objects detected by Ad-aware.
Please be sure to review each item that has been presented in the results screen before removing it. Ad-aware is designed to report possible suspicious content present on your system and to allow you a simple method for removing it should you so decide. Note that Lavasoft does not suggest or recommend that everything detected by Ad-aware should be removed. It is up to you the user to make that determination.
According to Lavasoft, "All items detected by Ad-Aware are qualified using a Threat Analysis Index (TAI) prior to inclusion. The system is based on a total of 10 points, 1 being the least and 10 being the most threatening and/or problematic. Behavior and intent weigh more heavily towards becoming a legitimate detection than do the technical aspects." You can read more about this in the "Threat Analysis Index" section of the Ad-Aware Web site.
What to Do with a Detected Item
Every item detected by Ad-Aware will be categorized as either Critical
Objects or Negligible Objects. Among the Negligible Objects will be
things called "MRUs" (Most-Recently Used). MRUs (or MRU Lists)
store information about the most recently used items, for example files,
search
words and programs. MRU Lists are not considered to be a threat to
your privacy. Ad-Aware supplies you with the ability to remove these
MRU lists
if you wish to do so. If you are not sure what to do with an item,
quarantine it.
The Negligible Objects list shows the following:
- Obj.: Select objects by ticking the box
- Type: Tells the type of the object
- Description: A brief description of the object
- Location: Tells the location of the object
- No. Items: Tells the number of objects in each MRU List
Critical Objects should be removed, but you can view the list of Critical Objects and determine whether or not to delete them. The list includes the following:
- Obj.: Select objects by ticking the box
- Name: Names the company that developed the object or the target family
- Type: Tells what kind of object it is, such as File, Registry Value, tracking cookie, etc.
- Category: Tells the category in which Lavasoft has it listed, such as Data Miner, Malware, etc.
- Object: Tells where the object is located: its path in Explorer, or its location in the Registry
- Comment: includes the name of the object and a brief description. To read the complete text in the comment scroll to the right side of the screen, open the window full screen, hover your mouse over the entry, or use the right click-context menu.
If you have made the decision to remove an item or multiple items - tick each entry individually or select a single item from the list - right-click with your mouse, and then select the appropriate option from the right-click menu. When you are satisfied with your selections, click the Next button to begin the removal process.
If you have decided to keep an item, select it from the results list (be sure to unselect other content you wish to remove following this step) and right-click the entry to open the right-click menu. Either select each item individually for each component to be ignored or choose the "select all objects" option. Select the "add selection to ignore list" to add this content to your ignore list. Ad-aware will not present this item to you when you perform further scans. Once this content has been added to your ignore lis,t you will be taken back to the scan results screen where you can repeat the above process as required, to not select anything more (all items are unchecked), or to remove the content as you choose.
If you are not certain about an item, you can Quarantine it. Quarantined objects are not deleted from your system, but will not be running on your system, either. You can view and manage quarantined items by clicking the lock icon (Quarantine Manager) on the main status screen. In the Quarantine Manager you can choose to restore the item or permanently delete it.
When you are finished making choices regarding the objects and having nothing else to do, close the program by clicking the "X" in the upper right-hand corner of the program box.
Ad-Aware should be used to scan your system at least once every two weeks. This will reduce pop-ups and other annoying ads and make your Web surfing experience a more pleasant one.