CounterSpy
Reviewed by
Maureen Shannon, NJPCUG

Spyware is the latest nightmare infecting and ruining our
internet usage and privacy. It’s a plague that is running wild damaging
everything it touches with little to stop it. What is worse is that we rarely
know it’s there. Many of us think we are protected, or at the very least,
doing the best we can to stop it, and then we get the big reality check! Mine
came several weeks ago.
Let’s begin there. NJPCUG was contacted by a vendor and
offered free games. It was the usual contact letter… “please inform your
members, spread the word, our games are free”.
Nothing is free. I told several people about the free games
before I had the time to check them out for myself. One person downloaded one of
these games, installed it, and was having a good time with it before disaster
struck. I got a frantic phone call from her telling me the game had crashed her
system and she couldn’t get back into it! I was shocked and skeptical. Could
this be true? I thought perhaps something had gone wrong on her computer and
since the game was the most recent thing she installed she thought that was the
problem. She called her son, who works in the computer field, and he informed
her she must have spyware. She was new enough to using a computer to be
completely unaware of spyware. I thought I was informed, how wrong I was!
Spyware is like a cancer. It spreads throughout your computer
and can bring your system to a screeching halt not to mention the information it
gains once it’s installed. I decided to investigate what Pat was telling me by
repeating exactly what she did. I ran the spyware detector that I regularly
used; I was quite complacent because I believed it did a great job scanning,
reporting, and removing what it found. I saw that my computer was free of
spyware so I installed the same game that was believed to have caused her
trouble. The game installed and as it went to its finishing screen it asked if
it could reboot my system. Reboot my system? Only one reason for that, it was
going to write something to my registry! I told it no and did not do a reboot. I
reran my former spyware detector and it found something called “Ezula”
installed on my computer. I told it to remove it and it came back with a
successful notation. Everything Patty said was true. The game had indeed
installed spyware on our computers. This started me on an awareness campaign to
find out more about spyware: where it was coming from and how to remove it.
Next I installed my new application, CounterSpy. I read about it in WinXP News and it highly recommended it. It was inexpensive and if it did what it claimed it could, it would be a very worthwhile investment. I set it up and let it do a full scan. I was shocked at what it found. In my registry alone, it found 691 entries! I almost fell over. How in heaven’s name did I get so much stuff in my registry? This is a fairly new computer. It’s only been online a few months. I avoid anything suspicious, don’t follow any links in email that I don’t know, I never go to any web sites that have anything questionable on them, and I never run those pop ups that want to check your system for viruses or speed. I never verify my email address by clicking on annoying or obnoxious emails that have “unsubscribe” links. I know that game and don’t use the unsubscribe link. I thought I was doing well. I cannot imagine what would have been found if I was less careful about where I go online!
The image below is a portion of my scan history showing the
key logger it found.

If the registry entries weren’t enough to rock my world, it
also found a key logger and another nasty little item that it immediately
quarantined. When all was said and done, it had a boat load of things that
needed attention. I let it remove everything it found. Many of the other items
it found were cookies that were low to moderate in threat value but still the
enormity of volume of items found in my registry was scary. Even more shocking
was that my old reliable application told me Ezula was gone and nothing else was
detected. Ezula was embedded all over my registry. I let CounterSpy do its thing
and fix my infested system. The point I’m trying to make is, don’t think you
have all your bases covered. Spyware is so malignant it can get anywhere it
wants to without your being aware of what is happening. The better the
protection you use, the better prepared you will be to fight it. CounterSpy runs
every night on my computer and reports what it finds and quarantines anything
suspicious. Besides the key logger it found an application that launches
advertising pop ups and another that was rerouting me through their server. It
said that one was an internet speed up application. I have never clicked on one
of those but somehow one got installed. It’s a wonder I was getting around
online at all. It should have been bogged down to a total stop with all that was
detected! Now I run CounterSpy as soon as I get offline just to be safe.
So far I haven’t given technical details of this product.
What I have said is that it works. It finds and removes things that will astound
you. It does what it says it will do. That’s all I need to know. As long as
the world is filled with so-and-so’s who feel it is their right to spy on our
activities online, steal whatever information that they can glean from our
computers, and wreak havoc with our internet experiences, we are going to
require applications to protect us. I found one that does what it promises. If
and until a way is found to stop spyware, we will have to be careful about what
we do. Perhaps a less technical perception will help those who don’t
understand a lot of terminology but need to know what will work and if it is
something that they need. It does and you do. The free or shareware applications
may work well but in comparison, this one found so much more that I now know how
invaluable it is. One key logger left unchecked can ruin your identity. How much
is that worth to you? For less than $20, you can purchase CounterSpy and lessen
the spyware worries.
When CounterSpy runs, it does a deep or thorough scan or you
can select a quick scan. That would check your cookies but leave the full scan
for another time. I like the breakdown it gives of where it is scanning as it
runs. I use the full scan. It lists the memory process scanned and the results,
the files scanned and the results, the same for the registry keys and the
cookies along with the beginning and end time and the total scan time. When it
completes the scan and you take action to remove the offending files, it will
create a restore point if you are using Windows XP if this feature is enabled.
Each item that is found is described in a side bar and you can click it for full
details regarding the spyware and where it has been found. Learning what
activities the various spyware applications are capable of is absolutely
frightening.
On to the other good stuff…I have the Active Protection
enabled. It has 56 checkpoints working to monitor my computer. It has Internet
Monitors with 9 checkpoints, System Monitors with 24 checkpoints, and
Application Monitors with 23 checkpoints. It lets me know when something wants
to be installed or when it finds something questionable. It recommends what I
should do and does it without a hitch. When
Automatic Updates are enabled, it will go out and update its definition files.
It does a complete in depth scan and delivers a complete report of what was
found with information about what each thing is and what it can do if left
unattended, and then it will remove everything you tell it to.
It comes with over 100 active protection monitors. It stops the spyware
before it can cause a problem and it protects your privacy and identity. A small
alert window pops up at the bottom of the screen to inform you when a change is
trying to be made to the computer. It also has System Tools to complete the
package. They are My PC Explorers, My PC Checkup, History Cleaner, and Secure
File Eraser.
System Checkup – My PC has a wizard that walks you through
keeping your computer’s settings updated. It scans for over 500 different
settings, then closes security holes, and will patch Windows areas that are
vulnerable. The checkup does a thorough scan of your security and then will
advise you as to what it thinks should be done and allows you to decide what
steps you want to take based on this information.
The internet has opened up new worlds for most of us. The
benefits are many. It has let me reconnect with friends from childhood, high
school, and a not too distant past (or at least it seems that way) and with
family that has moved away. I can write to my friends in
CounterSpy has a yearly update subscription that must be
renewed to keep it active just like the virus protection programs. For the small
fee that they charge, $9.98, the benefits you gain will help you protect
yourself from spyware. CounterSpy even has an online group you can interact with
by reporting things you have found and keep the rest of the community informed
about the latest threats to our online activities. I would recommend CounterSpy
to everyone. It has proved to be the best thing I have installed in the war
against the invasion into my online privacy. It is up to each of us to become
informed about spyware and then do what we can to prevent it from harming us. For
more information or to purchase it, visit the Sunbelt Software web site at www.sunbelt-software.com.
It’s the best $19.95 investment you will make in spyware prevention.
I had intended to end the review with the final statements
above but then I saw the scan results from the previous day. On that day I
visited 4 web sites and downloaded my email. Two were places I go all the time,
one once in a while, and one was a link from a search I had done. CounterSpy
found the following after I had been to these places:
(1) HighTrojan.Downloader.TargetSavers
Threat Type:
Threat Risk: High
High risk threats typically are remotely exploitable vulnerabilities, which can lead to
system compromise. Successful exploitation does not normally require any
interaction. May open up communication ports, use polymorphic tactics, stealth
installations, and/or anti-spy counter measures. May use a security flaw in the
operating system to gain access to your computer.
(2) PriceBandit
Threat Type: Adware -
Adware is generally software that displays advertisements. Some advertisers may
covertly install adware on your system and generate a stream of unsolicited
advertisements that can clutter your desktop and affect your productivity. The
advertisements may also contain pornographic or other material that you might
find inappropriate. The extra processing required to track you or to display
advertisements can tax your computer and hurt your system performance.
Threat Risk: High
High risk threats typically are remotely exploitable vulnerabilities, which can lead to
system compromise. Successful exploitation does not normally require any
interaction. May open up communication ports, use polymorphic tactics, stealth
installations, and/or anti-spy counter measures. May use a security flaw in the
operating system to gain access to your computer.
Description:
It is an adware program that creates advertisements on your PC.
(3) BizDefender 2
Threat Risk: Elevated
Elevated threats are usually threats that fall into the range
of adware in which data about a user's habits are tracked and sent back to a
server for analysis without your consent or knowledge.
Description:
You can now completely take control over the remote computers and also you can
benefit of the most comprehensive reports ever.
(4) BlackCore v2.1
Threat Type: RAT:
(Remote Administration Tool) A Trojan that when run, provides an attacker with
the capability of remotely controlling a machine via a client in the attacker's
machine, and a server in the victim's machine. RATs are remote administration
programs that have been embedded into an unsuspecting victim's computer. This is
the most dangerous of all hacking tools as it allows complete and total control
of the infected computer.
Threat Risk: Elevated
Elevated threats are usually threats that fall into the range
of adware in which data about a user's habits are tracked and sent back to a
server for analysis without your consent or knowledge.
Today’s scan results found 9 items! Yesterday I went
to one web site. 8 were spyware cookies and one application called BargainBuddy
Adware. This is a high threat and was immediately quarantined by CounterSpy.
This only reinforces the need to monitor the spyware problem on a daily basis. If
someone had told me it was this bad before I saw it for myself, I might not have
believed it. I do now. Try keeping
track of where you go and then scan afterwards; you may be very surprised at
what you find.
I am finding low to severe threat items installed every day.
Consider what the severe applications can do and then add in the amount of time
you are connected to the internet allowing the spyware to do more and more
damage. If you have a continuous connection to the internet, these harmful
things are running all the time and you may have a big problem on your hands if
they go unchecked. If a Remote Administration Tool (RAT) has been installed,
which I found on my computer, the outcome of not detecting it could have been
disastrous. Scan your computers daily! I am recommending CounterSpy to everyone
I talk to.
The CounterSpy help file details how spyware is installed.
Briefly, the ways it can be installed are through a Drive-by Download: an
automatic download not necessarily one you allowed to be downloaded; Commercial
Product Installation Bundling; Misrepresentation of Intention such as a program
that says it will block ads and does the opposite; Misrepresentation of Source
such as making you believe it’s from a trustworthy company; Silent Download
and Execution of Arbitrary Code; and Commercial Spyware, Key loggers, and RATs
(Remote Administration Tool).
*I ran the deep scan of all the files and folders recently. It's a longer process and on my computer takes several hours but it is very thorough. After letting it do its thing and scan all the files and folders along with the normal scan, it found two nasty items embedded in one of my applications. It found a backdoor worm and a screen capture that copies all the key strokes. Both of these items were several years old. I am at a loss as to why Norton AntiVirus didn't find the backdoor worm. I thought that was something it scanned for. I recommend that the deep scan of all the options be done regularly. You don't necessarily have to do it daily but once a week is a good idea.