Spyware, Scareware and Adware

If you look at the adverts, please come back by clicking the back arrow at the top
Index Page  Index Page SITE MAP                         Next Page - Video conferencing  Next Page

See also Here for Basic Security

Looked briefly at a site promoting Zwinky.  It appeals to youngsters by enabling them to create cartoons of themselves and belong to a social networking game.  But a search revealed that it is part of the Mywebsearch group (see also Face in Hole) and it is advisable NOT to use these sites or the fun products that they promote.

How good is Microsoft Security Essentials ?  Can I get rid of my other anti virus /anti adware programs ?  See Bob Rankin's write up at http://askbobrankin.com/microsoft_security_essentials.html

FunWeb Products is responsible for a number of sites such as Smiley Central and MyWebsearch.  They collect information about your activities and are also said to slow computers down.  You are better off without this rubbish.  See http://www.pchell.com/support/smileycentral.shtml  as to how to detect them and remove them

 Bob Rankin has a rateher dated page on AntiSpyware programs at http://askbobrankin.com/free_antispyware_programs.html  I see he recommends some of the ones I mention below. 

I have had to deal with two very difficult Scareware programs.  These were infections that fill your screen with their 'Anti Virus' product, falsely telling your what is infecting your machine and suggesting that you 'Register' their program (at anything between $50 and $80). Apart from the money the Russian gangsters make from this they get your credit card details and infect your machine further, enabling them to spy on it and get details of key presses (including passwords). The names of the 'products' are usually something Antivirus 2017 or, in the last case Anti Virus System Pro.  The clever thing is that they have discovered how to stop you booting in Safe Mode (the usual technique to cure problems BEFORE such things load). In this case it also prevented my running Msconfig (where these things are often based), so I was unable to clear it from the Startup. Even worse, when I tried to run Restore it said it wouldn't work because it was infected - it wasn't.  Meanwhile the screen was filling up with all this trash about viruses, an advert appeared for Viagra and the bottom line was full of exclamation marks saying that I should update some software ! In these circumstance it is difficult to even email a download something to cure the problem. Eventually I managed to stop things long enough (with Device Manager) to run Restore and got back to a date before the infection.

 I recently caught an infection (I am not immune) that Avast could not get rid of and I eventually resorted to Superantispyware.  It worked and, unusually, I actually bought it.  Another writer at www.pchell.com was equally enthusiastic and say " SuperAntispyware has a free and a paid version, so it passes my first test of being a free application that works well. The paid version also has a realtime scanner and scheduler. You'll notice the icon  in the system tray when SuperAntiSpyware is active. One of the best reasons for using SuperAntispyware is the fact that it actually can help remove some of the nastiest malware that has been released including the variety of Zlob trojan and Vundo infections, and more. Before I started using this program, I had to resort to specialized removal tools and a lot of manual techniques to rid some computers of these pests. Now, I run SuperAntispyware and then check what's left to remove. In many cases, the program has done most of the work for me.  Its also easy to use. You'll notice from the main menu you can scan your hard drive, check for updates to the program, find out what's in quarantine, and check the dates of your last scan and update. With the paid version you can also schedule your scanning and have realtime protection against spyware infections".  It is really very good.

Adware : Originally just methods of doing anonymous market research but now often connected with unwanted popup advertising

Scareware : There are many programs that claim to remove threats from your PC. They are always free in the first instance. When you scan your PC they pick up every single 'cookie' on the machine and classify it as a threat.  They then suggest you buy the full program to clear these 'threats'.  Don't be fooled. Get a free program such as Ccleaner and/or Spybot Search and Destroy.  Always delete all cookies before doing a scan (via Internet Explorer).  It is less scary!

Spyware : Again, originally designed to track your habits but these days may even be used to track what you are typing, including your passwords and account details

Spyware/Adware removers : Originally genuine free or paid for programs that were intended to tell you what spyware you have and clear it.  But now more frequently used to scare people into buying their product to clean the PC.  Some of these recently have been associated with persistent popups and very persistent warnings.  These programs have changed your setup and Register to such an extent that they can be as difficult as viruses to get rid of. Please note that because many of the anti spyware products are considered to be 'rogues' I have banned the following list from advertising on this site, though most are just trying to sell you something that you don't need to pay for. I recommend Ad-aware, Spybot Search and Destroy and Mcafee Site Advisor - all free.  But, as the majority of these scary spy files are contained in Cookies it IS possible to turn Cookies off.  However, some sites will insist on them being on (including your bank and Tescos). The best way is to leave Cookies turned on in your browser but to switch off browsing history This will mean that cookies are cleared each time you shut Internet Explorer and programs like Ad Aware will find very little. Sometimes I think that such programs are redundant, though I do keep a couple to check occasionally. To clear them each time in Firefox the setting is under Tools, Options, Privacy.  In Internet Explorer, Tools, Internet Options, History, History.

The anti spyware programs to avoid:

Anti virus 2007, antivirus 2008, antivirus 2009, antivirus system.ro, 1automationwiz.com,.2004spywareremovers,.3mo.org.5spynetwork.com,. achtungachtung.com, adaware. info adawareinfo.com, add-aware.com, ad-eliminator.com, adremovergold.com, adware. storesbiz.com, adwarenomore. net adware-real-free-scan.com, adware-removal. biz adwareremoval. net adware-remover. net adwareremovergold.com, adwarereport.com, adwarereport.com, adwaresafe.com, adwarespy.com, adwarespy.com, adwarespywareremoval.com, adwarexeliminator.com, anti-adware. net antispyware.com, antispyware. neonant.com, anti-spyware-review.com, bhozapper.com, bulletproofsoft.com, bulletproofsoft.com, cleantor, clickspyclean. , com-install.com, compareandreview.com, comparespywareremovers.com, comparespywareremovers.com, consumerincentivepromotions.com, easyerase.com, eblocs.com, enigmasoftwaregroup.com. errornuker.com, e-spyware.com, evidence-eliminator.com, free-adware-removal.net, free-adware-remover. org free-adware-scan.com, free-adware-scan.com, freedownloadtools.com, freepcscan.com, free-spyware-check.com, free-spyware-scan.com, freespywarescan.org, free-web-browsers.com, good-offers.com, healthycomputerclub.com, hijack-this, clickbank.net, hypernexussolutions.com, incentiverewardcenter.com, interesoft.com, iteens.com, likesurfing.com, login. tracking101.com, lsjmp.com, mambomarket.com, mediataskmaster.com, megalithusa.com, neosoftlabs.com, netspyprotector.com, noadware.com, noadware.net , nomorespyware.net, nontoxic-internet.com, nospyware. info nospyx.com, nuker.com, onlinepcfix.com, online-spybot-scan.com, online-survival-lab.com, palsol.com, paretologic.com, pcbugdoctor.com, pcdocrx.net, prevx.com, pcspytool.com, pestbot, primaryads.com, privacy defender, privacysoftwarereport.com, privacytools2004.com, rd05.com, ratespywareremovers.com, realspyerase.biz, removespyware.ru, revieweasy.com, rizalsoftware.com, safespy.net,  scanspyware.net. service.net, means.com, g08.biz, smartcomparisons.com, smart-security.info, software-comparisons.com, spyads.com, spybeware.com, spybloc.com, spyblocs.com, spybot.com, spybot.com, xp.com, spybotfinder.com, spybot-spyware-removal.com, spyburnpalsol.biz, spycleaner.net, spy-deleter.com, spydetector.net, spyforce.com, spyhunter.com, spy-hunter-detector.com, spyinator.com, spykiller.com, spykillerdownload.com, spy-review.com, spyspotter.com, spyvest.com, spywarejunglebee.com, spyware.net, speedylearning.com, spyware-adware-download.com, spywareassassin.com, spywarebegone.com, spywareblaster.com, spywareboard.com, spywarecrusher.com, spyware-destruction.com, spywarehelp.net, spywarehub.com, spywareinfoooo.com, spywareno.com, spywarenuker.com, spywareonline.org, spywareremovalauthority.com, spywareremovalutilities.com, spywareremove.org, spywareremover.com, spy-ware-remover.com, spywareremovercomparisons.com, spyware-removers.org, spywareremoversreview.com, spywarereview.info, spywarestormer.com, spywarethis.com, spywarexterminator.com, spywarezapper.com, surfsecret.com, swanksoft.com, techlistings.net, Theshield, theshopontop.com, the-spyware-review.com, tkqlhce.com, topspywareremovers.com, toptenreviews.com, trackzapper.com, trekblue.com, trekdata.com, trojan-scan.com, uant.net, uninstallxupiter.com, kount.com, xeec.com,.  

Kaspersky, that reputable Russian security company (well, retired KGB experts have to find something to do) reports that the lines between Adware, Trojans and Viruses have become blurred and existing Adware blockers are failing users.

If you would really like to know which Big Brother is watching you, take a look at the names in the Cookies files.  The best way is to right click Internet Explorer. Click Properties.  In the first (General) section, click Settings and then View Files.  Look down the files listed as Cookies. Most of the cookies are innocent marketing tools. But they are all doing it without your say-so. If it worries you click Cancel and click Delete Cookies (and might as well Delete (IE) files at the same time). If it takes a long time you will know  ...... you should have done it before ! To see an explanation of what Adware is about I had a look at site of one of the reasonably reputable companies that make a living out of selling the information they glean e.g. "Commission Junction is a ValueClick company, providing advanced performance-based marketing solutions that help marketers increase online leads and sales. By facilitating strategic relationships between advertisers and publishers, Commission Junction leverages its proven expertise in affiliate marketing, partner marketing and search marketing to drive measurable results for its clients"

See Microsoft's pages regarding computer security : http://www.microsoft.com/security/protect/

Other useful non-commercial sites include www.stopbadware.org, www.antispywarecoalition.org and www.consumerwebwatch.org

A contact reports a problem with Winfixer.  This is a program (Like Errorsafe) which, if downloaded onto your PC makes multiple changes to it, then displays a message that your PC is badly infected and will you pay them to remove the problems. It is becoming a popular way of making money. To see what a mess it can cause, take a look at http://www.symantec.com/avcenter/venc/data/winfixer.html  Errorsafe and Winfixer are widely advertised on the net and cost $$$.  Some people get it by mistakenly searching for Symantic (instead of the legitimate Symantec) There are even Winfixer cleaners advertised.  Again they may all be part of the Winfixer industry. Apart from the worry they cause they will install popup advertising and may make your PC run slower.  Another program using this technique is Stop-Sign. Also the well know PCTools program will do a scan then ask for dollars to clean your PC, though this one doesn't, as far as I know, leave any trace after your initial scan  Also in the same category as Winfixer (and probably produced by the same stable - or should I say slaughterhouse - is Winantivirus, Winsoftware, Winadblocker, Winfirewall.  

When I get a request about a problem that I suspect is a virus or spyware intrusion I immediately search the Internet for the main word e.g. "Errorsafe" or "Winfixer". Inevitably I am led to helpful 'Forums' that are having to deal with similar problems. If you get problems, such as regular unwanted pop-ups I suggest that you do a search of the Internet in this way and look for links to sites that appear to be dealing with the problem. But beware of those that merely tell you what you have then charge for their removal.

Make sure you have a Firewall

What is a Firewall ? For a complete description of this essential security element see  http://www.askbobrankin.com/do_i_need_a_firewall.html  

n.b.  NTL users are supposed to have the option for NTL based firewall + anti spyware program (called Fireguard) However, after agreeing to install this my computer still reckoned it was vulnerable and I rapidly reverted to Zone Alarm.  For a while a tried Comodo Firewall but found it TOO fussy and would not let me get on with things

The most famous free firewall is Zone Alarm from Zonelabs. Lately I have found that their newest version has selectively caused problems with (1) NTL e-mail collection (2) Avast anti virus updates and (3) Google Earth but I have now decided to continue with it and try and lick it into shape by allowing those programs through the firewall. 

If you have a firewall.... and you SHOULD have... do you know whether it actually stops your computer accessing the internet without your permission?  There is a small program called the Leaktest from http://www.grc.com/lt/leaktest.htm that will check this.  But your firewall may be doing this outward bound check. Certainly Zone Alarm does.  So, if you use Leaktest, the correct result is that your firewall should BLOCK it when it tries to access the net

It really is about time all ISP's woke up to their responsibility to protect their customers from malware.  If yours doesn't it is time to consider Changing your ISP!

(1) NEVER download an attachment to an e-mail (even from a know address) if you are unsure what it is. Infected attachments most commonly end in Pif, Scr, Exe, Com and lately may be Zip(ped- compressed versions )of these
(2) Keep your email and web browser programs up-to-date; get the latest updates from Microsoft from Http://windowsupdate.microsoft.com .
(3) Get and keep up-to-date an anti virus program.  
(4) Install a Firewall program.
(5) Occasionally run an up-to-date anti Spyware program.  
(6) If an e-mail says "Pass this warning on", don't bother, it will be a hoax.
(7) If you are suddenly invited to 'click here', win cash or take an IQ test, don't. Go off line and get back on again.  See below for free programs that can help.
(8) If you use music file sharing software, expect to get virus infections. 
(9) If you get a spam email then DO NOT CLICK ON ANY LINK in it, even one which say you can unsubscribe with it.  It is possible that the link will lead to a website which will send you a VIRUS !  This is called V-SPAM

Often the problems are caused by,  not one but, a number of 'foreign' files in the computer and the latest technique to get rid of these things invariably involves downloading a program called Hijackthis from http://download.cnet.com/windows/ When run on your computer this program shows a list of the programs (good and bad) that are running in the background so the forum expert can advise which are the nasty ones and how to get rid of them. They usually also advise the running of the latest versions of programs such as Ad-aware and Spybot and external virus checkers such as the one offered by Panda Software or Housecall (see above). But the Hijackthis log will mean very little to the average computer user and has to be analysed by an expert.

Definitions :  

Site Navigation Links :- Please click on SITE MAP
Index Page  Index Page Top of Page Next Page Next Page