Windows Has Detected Spyware

Status
Not open for further replies.
Do you see the message, "Windows Has Detected Spyware" on your PC? If so, this article can help you.

Your Computer May Be Infected. Here's how to check..
----------------------------------------------------------------------

Recent research revealed that 80% of computers today are infected with this dangerous spyware, and most users are not aware of it. (Your computer could be infected by now too.) The most dangerous fact is that, even though anti-virus software is running, this software can get past it and take over your PC.

Have you experienced any of the following?

* Awesome popups come out of nowhere when browsing the web
* Home page reset to some other site

How can this happen?

- The components installed when viewing certain sites start up and run as soon as they have finished installing (or after the page is completely loaded), and with every Windows startup from then on. Their job is to collect information and report (or transfer) it to an external computer.

What is deceptive software? (Reference: microsoft.com)
----------------------------------------------

Spyware and unauthorized adware are two examples of "deceptive" software. Deceptive software includes programs which take over your home page or search page without first getting your permission. There are a number of ways deceptive software can get on your system. A common trick is to covertly install the software during the installation of other software you want such as a music or video file sharing program.

Whenever you are installing something on your computer, make sure you carefully read all disclosures, including the license agreement and privacy statement. Sometimes the inclusion of adware in a given software installation is documented, but it may appear at the end of a license agreement or privacy statement.

Sometimes deceptive software gets silently installed on your system without any warning at all. If you use Internet Explorer as your Web browser, this can happen if your Internet Explorer security setting is set to its lowest value. Make sure to keep this setting at the medium level or higher. Doing so will help you control what is being installed on your computer.

Have you ever had an experience where you were repeatedly asked to accept a download even after you said "no"? Creators of deceptive software often use such tricks to get you to load their software. If this happens to you, do not click "yes". Instead, try to close the Web page that first asked you to accept the download by hitting the "X" in the corner of the window. Alternatively, quit Internet Explorer and restart it to begin browsing the Internet again. If you visit a Web page that continually displays these tricky pop-up windows, that Web site may not be worthy of your trust.

-------------------------------------------------------------------

Your computer may be infected by now, but you may not know. Just have a checkup with software specifically designed for it, to know the current status of your computer. You must clean infections once you find them, but you can't stop at that. The spyware might reinfect your PC. So it's highly recommended that you run a firewall on your system after the clean-up. This will allow you to monitor every single communication that occurs between your computer and the external world and block the ones that are harmful. The firewall acts as a barrier between your PC and the external world (Internet / Network).

A good spyware detector recommended by most people is NoAdware at (NoAdware.cjb.net), and it shows you all the infections and potential dangers in great detail. It's free to scan but not to clean. It's a good idea to have a scan even if you have no intention of cleaning, since you will know the status of your PC in great detail - at least you will know whether you have any spyware on your PC at all! (Most of the time it's there, but you don't know! So, don't be surprised to get a list of over 30 suspicious components detected!) Scanning will also give you the chance to try to clean it out yourself, provided that the infections are minor and you (or a friend) have a fair knowledge of the Windows file system. (Registry settings, cookies etc. and how to modify them.)

You must run a firewall. In many new operating systems (e.g. Windows XP), there is a built-in firewall. Search Google for how to activate it. Others may try one at download.com.

You may have a question by now. What is the purpose of this spyware? Even though we cannot give an explicit and clear-cut answer, we can safely state that everything boils down to the urge for more profits. How? The spyware collects all your personal information and transfers it to an external computer. The information is reviewed by software on the receiving computer, and targeted popup ads are then delivered to the infected PC. There are many things that spyware does in addition to this.

If you have some technical knowledge about your PC, here's a technical explanation of what trouble the spyware causes.

1. An extra process is running to monitor and log your activities.
2. Constant transfer is taking place between your PC and the spyware server. (This is a two-way transfer)

Firstly, the extra process in itself is an undesired process and it contributes to slowing down your PC. The second point is the most harmful. It transfers logged info on the infected PC to the external PC (spyware server) and then the external PC transfers targeted popups to the infected PC. (Targeted popups are popup ads that are delivered based on user interests. User interests are analyzed by special software running on the spyware server, using information transferred by your PC as input.) Since many extra processes are running (e.g. monitoring processes, transferring processes etc.), your RAM (memory) will be shared and as a result, your PC will run slower. This also slows down your Internet connection speed because a lot of transfer is taking place and your total available bandwidth is shared.

In short, a PC with spyware is like a dumping ground for snakes. Once it's there, up and running, it can do almost anything with your PC.

* NOTE: A useful tip - When you clean up your PC and close the door on those harmful programs with a firewall, you can block many popups. But still, there can be some popups. There are popups integrated into websites you visit, and we must do something about them. There are many popup blockers available on the net, but I highly recommend installing the Google toolbar, which has a quality pop-up blocker integrated into it. It also has some other useful features and is highly customizable. Download it free at toolbar.google.com.

The greatest risk is for people who use Internet Explorer, as it is the most popular web browser and that very fact has drawn the attention of many malicious software developers. All of us want to make our PCs good and clean, right? So advise your friends about this, or if you had this article by email, just forward it.

Happy surfing...

About the Author

By: Fazly Mohamed - fazlymohamed@yahoo.com (Undergraduate at Staff. University UK, Computing & IT)
 
Are you asking a question here or just posting the malware propaganda? Because legitimate spyware/adware programs don't pop up like this. The program being "recommended" is NoAdware. This program was listed as rogue because of "concerns with false positives and the use of aggressive, deceptive advertising including exploitation of the name 'ad-aware'. It has now been delisted", but it is not a program I would recommend.

http://www.spywarewarrior.com/rogue_anti-spyware.htm

Your system is infected. Please use the information given on the site below and post the logs according to the directions:
https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

You will be assisted in finding and fixing the malware.
 
The #1 reason for becoming infected with these infections is due to not having a properly configured Firewall or relying on Windows Firewall.

Next, lack of updates (Java, Windows updates, browser updates, anti-virus updates). If programs are not kept up to date they are defenseless against the latest attacks.

Next, online habits can contribute: P2P programs, opening email attachments from unknown senders, and adult content sites can increase your chances of infection.

There are plenty of programs out there (most free of charge) that you can take advantage of and protect yourself. If you keep everything properly configured and updated then you really have nothing to worry about because these programs will alert you to changes within your system. You can then research the changes before allowing them, if it is a known malicious change then you can block the change before infection. If you can't find any information on the file then there are sites to upload the file to before allowing it to connect or make changes to your system.

And if anybody needs help with any of this -> that is why we have a security section


Here is an interesting read for you anyways about how far some people go with this
Who's behind criminal bot networks? - The Red Tape Chronicles - MSNBC.com
 
And on an almost daily basis I remove spyware and malware that was installed by users without even knowing it.

Couple of perfect examples

1. WinAnonymous. Supposedly allows you anonymous access to the Internet. In reality, it downloads more programs to your computer.
2. WinPCDoctor. Won't fix anything unless you buy it, and downloads pop-ups that advise you that your system is infected. Yeah it is alright, by WinPC Doctor.

And there are a host of other programs as well. Registry cleaners do a nice job of pop-ups, not fixing problems and nagging you to buy them.

If you do not want to spend the money for a program such as Norton Internet Security, here are a few good free ones I use daily:

1. AVG Anti-Virus. Latest version is 8.0. Requires Windows 2000 SP4 or higher
2. AVG Anti-Spyware. It appears to be discontinued, as it is no longer available as a download. Search around though, you may be able to find it, or I can upload it to RapidShare if enough people request it.
3. HijackThis, version 2. It will run a scan on your system and locate and fix problems with Browser Helper Objects (BHOs) as well as automatically starting programs.
4. CWS Shredder. Gets rid of Cool Web Search and is updated constantly for new variations of CWS.
5. Fix Blast. Yes, Blaster is still floating around. I just spent three hours today removing viruses and Blaster off of a real estate company's Intranet.
6. Bug-Off. Fixes some common exploits in Windows.
7. Spybot S&D is an older program that runs a fast scan for malware and spyware.

I cannot stress this enough. BEWARE OF THE MAJORITY OF FREE OR TRIAL FILES as they are usually the ones that download the spyware to your system. Most of these can be found in ads on websites, or at download.com.

A little common sense is all it takes. TAKE THE TIME, when you install a program, to read the EULA (End User License Agreement), since many times you will see that that nifty program you are installing will do the following:
a. Change your home page
b. Change your default search engine
c. Install other programs you did not ask for.

Larry
 
Almost forgot:

  • Use AntiVirus Software - It is very important that your computer has anti-virus software running on it. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    Virus, Spyware, and Malware Protection and Removal Resources

  • Update your AntiVirus Software - It is imperative that you update your antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

  • Use a Firewall - I cannot stress how important it is that you use a firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a firewall in its default configuration can lower your risk greatly.

    For a tutorial on Firewalls and a listing of some available ones see the link below:

    Understanding and Using Firewalls

  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

  • Install Spybot - Search and Destroy - Download and install Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with the program on a regular basis just as you would with antivirus software.

    A tutorial on installing & using this product can be found here:

    Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers

  • Install Ad-Aware - Download and install Ad-Aware. You should also scan your computer with the program on a regular basis, just as you would with antivirus software, in conjunction with Spybot.

    A tutorial on installing & using this product can be found here:

    Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

  • Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

    A tutorial on installing & using this product can be found here:

    Using SpywareBlaster to protect your computer from Spyware and Malware

  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety:

  • IE/Spyad <= IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (cookies etc.) from the sites listed, although you will still be able to connect to the sites.
  • MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer.
  • Google Toolbar <= Get the free Google toolbar to help stop pop-up windows.
  • Winpatrol <= Download and install the free version of Winpatrol. A tutorial for this product is located here:
    Using Winpatrol to protect your computer from malicious software
 
Thought I'd mention something I learned about the new AVG v8: in addition to the AV, it contains anti-spyware, but if you are running SpywareBlaster also, AVG suggests removal of SpywareBlaster. Seems there's a conflict between the 2 databases that is causing inaccurate info in results.

I'll post the source site if I can find it.
 
I no longer recommend AVG that much due to their installing a Yahoo Toolbar and calling it a security bar. I don't like telling the user to look out for the toolbar that you have to opt out of. Also, their product is becoming bloated and I think will eventually resemble Norton. Avast has also had some issues with their new version.

Free anti-virus preference
1) Avira Antivir
2) Avast
3) AVG

Paid preference
1) Kaspersky
2) NOD 32
3) Trend or CA
 