Free Spyware Software

Spyware, Adware, Malware, Badware….whatever you choose to call it, it’s a problem. Chances are that you or someone you know has or will experience some sort of ‘ware’ infection on a computer and it can be frustrating.

What is spyware?
Spyware is malicious software that collects information about a user and is installed on a computer without the user’s informed consent. Not to be confused with a virus.

There are many different types of spyware.

• Adware - is a type of spyware that collects information about a user in order to display targeted advertisments to the user.
• Browser Helper Objects (BHOs) - is a plug-in for Internet Explorer which helps developers customize and control the browser.
• Browser HiJacker - is when a malicious application adjusts your browser settings without your concent. For example: your homepage has changed to a search page, dangerous sites have been mysteriously added to your Favorites, questionable websites are added to Internet Explorer’s list of Trusted Sites etc…
• Keyboard Logger - logs all the activity of your keyboard and reports this information back to a remote computer. This information can be used to steal passwords, bank information etc…
• Phone Dialer - AKA - Modem HiJacker - this type of application changes the phone number dialed when using a dial-up Internet connection so charges are incurred on the users phone bill.
• Remote Access Trojans (RATs) - malicious programs that run on a user’s computer which permits an intruder remote access to that computer.

How do I know if my computer is infected? What are the signs of spyware?

• slower than normal computer? - Is your computer having trouble performing routine tasks? Has there been a sudden increase in the amount of times your computer crashes? Does your computer not start at all?
• homepage has changed by itself? - Has your homepage been hijacked? Does it open to a search page that you did not specify?
• pop-ups driving you crazy? - Do they appear as soon as you turn on your computer? Are they for adult websites? Some spyware will bombard you with popups that aren’t even related to the website you are visiting.
• browser settings have changed and you can’t change them back? - When you open up Internet Explorer does it open to a search page that you did not specify?
• new browser toolbars installed - but not by you? - Is there a mysterious toolbar installed on your browser?
• phone bill sky-rocketed - Do you see charges on your phone bill for adult websites or 1-900 numbers?
• unexpected new or new icons in your system tray? - Are there applications running on your computer that you did not install?

Now that you know a bit about what spyware is and how to tell if a computer is infected, let’s get down to the removal process. First things first - backup your personal data! You should be doing this regularly anyway. Using Windows XP - Click Start >> All Programs >> Accessories >> System Tools, and then click Backup to start the wizard.

To remove spyware/adware you need two programs (maybe three). The two I recommend are SpyBot Search & Destroy and AdAware. The Third is an application called HiJackThis. Be warned, HiJackThis is for advanced user, the is a powerful tool! Consult the program’s documentation before deleting any files, you could cause serious system damage if you do not know what you are doing. Links to all three of these tools can be found here http://www.malwaresolutions.com/tools_spyware.html

Download, install and update the programs. Then restart the computer and tap the
F8 key on your keyboard as the computer begins to start - this will give you the
option of starting in ‘Safe Mode’. You will see a few other options here as well.
For this particular job select ‘Safe Mode’.
What is Safe Mode? Safe Mode is an alternate way of starting a computer using only the bare minimum of resources. It’s a troubleshooting tool built into indows based operating systems.

If a computer is running in Safe Mode you should see that the screen resolution looks ‘off’, which is perfectly normal, and you should see the words ‘Safe Mode’ in the corners of the screen.
Run full system scans with both programs. They should be able to find the problems and remove them. To learn how to remove a particular item using SpyBot and/or AdAware consult each program’s ‘Help’ documentation.

Next, restart the computer in “normal mode” and see what happens. If you are still experiencing problems start the computer in Safe Mode again and run the spyware scans once more. Make sure that the spyware definitions are up-to-date for each program before using Safe Mode. This will give you the maximum advantage when trying to detect and remove malware.

There is another tool built into Windows called MSCONFIG which I use quite often when troubleshooting spyware.
What is MSCONFIG? MSCONFIG is a special tool built into the Windows operating system (not included with Windows 95 and 2000) called “Microsoft System Configuration Utility” or “MSCONFIG”. MSCONFIG is designed to help you troubleshoot problems with your computer such it being slow, frequent crashes, as well as to remove spyware and viruses. As you may already know, running many programs at once will cause your computer performance to slow down. Don’t forget, Windows also runs many programs in the background that you never see, you can use MSCONFIG to prevent some of programs from loading at startup which can greatly increase the speed at which your computer runs.

To access MSCONFIG Click Start, then click Run and type “MSCONFIG” or “msconfig”
(without the quotes), in the window that opens. Once MSCONFIG opens you will see
6 to 8 tabs (depending on which operating system you are using) which provide
access to various parts and processes that Windows uses. The tab you are interested
in is on the far right, it s called “Startup”. It controls which processes start
automatically when Windows loads. If this is the first time you are running MSCONFIG
you may notice that the list of start up items is quite long. You will see four
columns: the first is a column of check boxes, the second is the name of start
up item, the third is where the item is located on the hard drive and the fourth
is the registry location.

To remove an item from the start up menu remove the check mark from the corisponding check box. To instruct a process to run on start up put a check mark in the box.

By now you might be asking, “Which processes are safe to remove?” This is where it gets tricky. An easy way to determine whether a startup item is needed or not is to do a Google search for the process name and see you if you can safely remove the item from the start up menu. Many autostart entries are crucial part of Windows XP, for example: Userinit.exe and Explorer.exe, so don’t remove these.

Once the computer is clean you should follow these tips to keep spyware and adware off your machine.

• Install anti-spyware software before you get infected
• Install a software firewall - a firewall acts as a barrier between your computer and the Interent, you can find many free for personal use - software firewalls. ZoneAlarm is a great free choice and can be found here www.zonelabs.com.
• Keep Microsoft Windows Up-To-Date - with Windows Update. Microsoft often releases software patches which you can download and install to help prevent malicious software from being installed on your PC.
• Stay away from questionable Websites! - you know what I am talking about!
• Use a secure Web Browser - such as Mozilla Firefox

When troubleshooting a computer with spyware problems the most important thing is to remain patient. I have personally removed over 30,000 infected files from computers over the past two years. I have had a 100% success rate thus far using the methods described above!

Good Luck!

Author: Michael McKennedy

Michael has personally removed over 30,000 spyware/virus infected files from client computers over the past few years using the techiques desribed in this article.

He is the owner of http://www.MalwareSolutions.com

Resources:
http://www.malwaresolutions.com/how_to_remove_spyware.html

Share This

Adware and Spyware have become familiar terms in the lexicon of Internet jargon. Their definitions range from helpful cookies that many people choose to have on their computer to programs that can actually steal your identity. That’s a pretty big area. That’s why any information of these important subjects needs to include definitions of exactly what actually encompasses both adware and spyware.

Adware is software that provides advertising, usually in the form of pop ups, and gathers general information, by using cookies, through the user’s Internet connection. Adware is often packaged with free downloaded programs. By definition, adware, by itself, is not dangerous, but can fall into the annoying category. Adware can generate constant pop up advertising when the downloaded program is running. It can also place cookies on your computer that will provide information about you when you click on the pop ups or log on to the original program download site. If users register the downloaded program, usually games, and pay the registration fee, the adware disappears. If you download a free program, there is a reasonable probability it will contain some form of adware. So far, that’s not necessarily a bad thing. Many people happily trade payment for enduring a few pop up advertisements and don’t care if their general Internet surfing habits are being tracked. The problem begins when they become intrusive.
That’s when adware becomes spyware.

When adware is expanded to use your computer’s resources to steal information, it becomes spyware. Spyware is like the Trojan horse that is discussed on our Virus article. Computer users who are installing a program or swapping files (i.e. music downloads) may also be installing a spyware program whose purpose is to monitor your computer activity and gather your private and confidential information. This includes e-mail addresses, user passwords and certainly any credit card numbers you enter when making a purchase on-line. They can also happily install other spyware programs, hijack your web browser by changing your home page and your browser’s search engine. All the time it is sending back information to the bad guys, who will use it for their own advertising purposes, sell it to other bad guys or use it to steal your identity. To do all this, spyware uses your computer’s memory resources and bandwidth. This can slow your computer to a crawl, especially if you use memory intensive programs. Spyware is not
good.

Do you have adware and/or spyware on your computer? The chances are absolutely outstanding that you do. This may not be a problem, but sometimes it could be disastrous. Some of the signs that your computer may be infected are:
1. Your web browser looks a little different. New toolbars suddenly appeared. The search engine you use is different. A brand new home page suddenly appeared.
2. Pop up advertisements that aren’t related to the web site you are viewing are appearing with disturbing regularity. You click on links that go to nowhere. Ads for pornographic web sites start popping up on your computer. Your “new” search engine produces web sites unrelated to your query.
3. Your Windows desk top takes longer to load than it did in the past. This is because lots of spyware programs have added themselves to the Windows start up procedure and load every time you turn on your computer.
4. Your computer is running slower than normal.
If you are experiencing any of these symptoms, you probably are infected and need to take some action.

There are hundreds of Spyware programs on the market. Most offer a free on-line inspection of your computer to see if any spyware is present. Since their scans always find something, it’s a great way to market their product. However, it’s probably a good idea to dig a little deeper before making a buying decision.

Some anti-virus programs include adware and spyware elements as part of the basic program. Check yours and see if you have a spyware feature and if it is activated. If it is, and you still are experiencing problems, make sure you have downloaded the latest updates.

At Jamison Software, we look at viruses and spyware as two different problems and have chosen to attack them with two different programs. When selecting a spyware program we looked at numerous reviews and tested several (they all have 30 day free trials) on different computers before making a decision. Spyware and anti-virus programs work basically the same way. They develop large data bases or encyclopedias of known adware and spyware. The computer is scanned against these data bases and the culprits are identified and deleted or placed in a quarantine folder where they can’t continue to cause trouble. These data bases are constantly updated in order to keep up with the spyware developers. Good Spyware programs should do two things well. They should maintain great data bases and provide fast, proactive customer service.

Why do we like two programs? Viruses and Spyware are cousins and sometimes there is a gray line between the two. With two data bases, we can sometimes stay ahead of the curve, finding a problem in one program that is actually solved by the other. Here’s an example.

We use and highly recommend Spysweeper by Webroot software. One feature of Spysweeper is that it identifies new programs that will start when Windows starts. If no new programs are being installed, this means only one thing-spyware. When that happens, an alert screen appears and there is an option to remove the offending program. Sometimes that procedure is successful and the problem is resolved. However, occasionally the program reappears all by itself in a second or two. We have a virus. That information can be passed on to AVG Anti-virus Systems, our Anti-virus software provider, and within hours an update removing the offender is downloaded and implemented. This happened several times on our test computer (we did not use a firewall to attempt to create just this scenario) and we were very pleased with the results. We also found that Trojan horse files with a .pif suffix were the main culprits.

If you are concerned about spyware, we recommend Spysweeper. We found the data base very thorough and up to date and their customer service team responsive. When we had to upload suspected spyware for their review, they provided detailed, easy to follow instructions.

Buy and Download Software Online - Free Trials Available

Peter O’Brien is a vice president for Jamison Software. A division of The Jamison Group, Inc.

Share This

Due to the growing number of security incidents involving spyware on the internet today, it is now considered to be “common practice” to use anti-spyware/anti-adware software on every computer that connects to the world wide web. Spyware and adware usually installs without notice just by browsing to an unscrupulous website, using file-sharing programs or by downloading freeware. Since it is not a virus, most spyware cannot be detected by anti-virus software. Spyware can be extremely dangerous because it collects personal information about you and transmits it to the person who created it. The information collected can be as benign as the type of websites you visit, or as dangerous as sensitive personal information like passwords, account numbers or names/addresses. Adware normally collects information relating to your internet browsing habits, and spyware usually steals sensitive information. Spyware is often used to steal bank account information, credit card numbers or a person’s whole identity. If you have spent any time surfing the internet at all, chances are your computer is infected with adware and/or spyware.

In an effort to decide which anti-spyware product to buy, I decided to take Sunbelt Software’s Counter Spy for a free 14 day trial run. In order to really put this software to the test, I installed it on my work computer which is protected by an expensive Cisco firewall, Mcafee Antivirus (updated daily), and regular Windows updates. I do very little web-surfing at work and never download anything except technical software such as antivirus, spyware removers, firewall software, etc

Following my own advice never to download software from anywhere other than the manufacturer’s “official” website, I visited Sunbelt Software’s site in order to download the free trial of their highly recommended spyware remover software - CounterSpy.

The CounterSpy setup process is a super easy Wizard interface that requires simple “yes” or “no” answers. As soon as the quick installation is finished, the CounterSpy update service downloaded the latest spyware definitions and checked for software updates. Following installation, CounterSpy prompts you to scan your system for spyware. This process took about 20 minutes on my computer.

To my surprise, Counter Spy found one instance of spyware and 74 instances of adware on my computer. It provided me a very detailed list including the name of the suspicious item as well as a good explanation of the problem. You can drill down deeper by clicking on a “+” sign that appears next to each spyware item, and see all of the registry keys and file directories that the spyware has attached itself to. Upon examination of the spyware item found on my PC, I saw that pieces of it were attached to 60 registry keys and three directories. No wonder spyware is so hard to remove! All of the adware that CounterSpy found on my PC was in the form of cookies, and a detailed explanation is given about each one. Much of the adware was the cause of pop-up ads that I find so annoying. CounterSpy lets you choose what you want to do with all spyware and adware it finds, and the default choice is to delete it, which I did.

I have tried other anti spyware software such as Spyware Doctor, eTrust Pest Patrol, Spybot S&D, and McAfee. I found Sunbelt Counter Spy to be one of the easiest to install and configure, and it appears to use up less system resources than Spyware Doctor, which often hangs my home computer. At only $19.95 per year, with renewal rates just $9.95 per year, Sunbelt Counter Spy is the best value for the money. CounterSpy has won numerous awards by prestigious companies such as PC World, Tucows, and C Net - it is definitely an anti spyware program worth considering!

To learn more about internet security risks and what you can do about them,visit http://www.antivirus-firewall-spyware.com. Or visit my Spyware Removers page. My security blog: Computer Security for Everyone

Share This