Removing Spyware

This limited information is provided as a courtesy and convenience only. It is updated from time to time. No representation is made that the information is up to date, or that any of the solutions listed will not harm your computer.

General information

As of 2007-10-01 this web site contains some excellent information: http://www.liamdelahunty.com/tips/spyware.php

See http://www.spywareinfo.com/, http://www.2-spyware.com/, and http://computercops.biz/downloads.html for all sorts of useful information.

If using Windows XP, install Service Pack 2. See http://www.microsoft.com/windowsxp/sp2/default.mspx. You can order a free CD from there, or:

If using Windows XP or Windows 2000, use Windows Update. See http://www.windowsupdate.com.

If using earlier versions of Windows, visit www.microsoft.com to get updates.

Please back up your registry and data before attempting to remove Spyware.

Get another browser

Download, install, and use Netscape, Mozilla Firefox, Opera or another alternative browser available on the Web.

Tools

Useful Windows tools include the Task Manager, regedit, and msconfig.

The free tool HiJackThis is especially useful when diagnosing your system.

The free versions of AdAware, SpyBot Search-and-Destroy, and the Microsoft® Windows AntiSpyware (Beta) are available on the Web and can be used to remove many types of Spyware.

See also "Rogue security programs" below.

Notes about some common Spyware variants

Bargains.exe

See http://www.2-spyware.com/file-bargains-exe.html 

Broadjump Client Foundation

The cfd.exe program is a tool used to diagnose problems with broadband connections. Some ISPs seem to include it in their install setups, so it may be required. It can be uninstalled.

FunWebProducts

To check whether you are infected, type the following in the navigation toolbar of your browser:

javascript:alert(navigator.userAgent)

This will open a little dialogue box with details about your browser, for example:

Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/522.11.1 (KHTML, like Gecko) Version/3.0.3 Safari/522.12.1

If the information returned contains "FunWebProducts", then you have the problem.

As of 2007-10-01 this web page contains some excellent information on how to remove FWB: http://www.liamdelahunty.com/tips/fun_web_products.php

Incredifind

This is supposedly NOT removable using AdAware or SpyBot Search-and-Destroy.

  1. Try using Start/Control Panel/Add Remove Programs to remove Incredifind.
  2. For manual removal:
    1. Kill process tipb.exe
    2. Unregister incfindbho.dll: go to Start/Run, type regsvr32 /u incfindbho.dll, then click on OK.
    3. Search for and delete files tipb.exe and incfindbho.dll
  3. See also http://www.annoyances.org/exec/forum/winxp/r1074886074

Rogue security programs

A Rogue Security Program is software that purports to scan and detect malware or other problems on the computer, but which attempts to dupe or badger users into purchasing the program by presenting the user with intrusive, deceptive warnings and/or false, misleading scan results. Rogue Security Programs typically use aggressive, deceptive advertising and may be installed without adequate notice and consent, often through exploits.

See this as of 2007-12-01.

sporder.dll

See Webhancer below.

Starware

Starware provides a browser toolbar. Generally, there should be no need to install these. A tool exists on the Web to remove Starware.

tbps.exe

See WebSearch below.

Webhancer

In the event of messages regarding sporder.dll, see http://www.pestpatrol.com/PestInfo/w/webhancer.asp

See also http://www.annoyances.org/exec/forum/winxp/r1074886074

WebSearch

Supposedly can be removed using AdAware and/or SpyBot Search-and-Destroy.

May appear in your Add/Remove Programs list. Try using Start/Control Panel/Add Remove Programs to remove it.

The processes tbps.exe and WToolsA.exe can be killed using the Windows 5.x Task Manager.

However, either one of these programs may also appear as an auto-start entry in the Windows registry.  To check, click Start, then Run, type in regedit, click on OK, and review the entries under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.  (You can also click Start, then Run, type in msconfig, and click on OK to inspect what starts automatically.  See How to Use MSCONFIG.)
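
The same review can be done offline on an exported copy of the Run key, for example the registry backup taken before cleanup. The following is an added example, not part of the original page: it parses the text of a regedit export and flags auto-start values whose program is one of the executables this page names. The sample export, its value names and its paths are constructed for illustration.

```python
import ntpath
import re

# Executables this page names for software it suggests removing (lower-cased).
WATCHLIST = {
    "tbps.exe": "WebSearch", "wtoolsa.exe": "WebSearch",
    "tipb.exe": "Incredifind", "bargains.exe": "Bargains.exe",
    "gamechannel.exe": "Wild Tangent Web Driver",
}
RUN_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"

# Constructed sample export; the value names and paths are made up.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleUpdater"="\"C:\\Program Files\\Example\\updater.exe\" /background"
"TBPS"="C:\\PROGRA~1\\Toolbar\\TBPS.exe /startup"
"WeatherHelper"="C:\\Program Files\\Example\\WToolsA.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Setup"="C:\\Temp\\tipb.exe"
'''

# A "name"="data" line; inside the quotes, \\ and \" are escape pairs.
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def executable_of(command):
    """Lower-cased file name of the program a Run command line starts."""
    command = command.strip()
    if command.startswith('"'):
        path = command[1:].split('"', 1)[0]
    else:
        # Unquoted paths may contain spaces, so cut at the first ".exe".
        m = re.match(r"(.*?\.exe)\b", command, re.IGNORECASE)
        path = m.group(1) if m else (command.split() or [""])[0]
    return ntpath.basename(path).lower()

def flag_run_entries(export_text, key=RUN_KEY):
    """Return (value name, command, product) for watch-listed entries under key."""
    hits, in_key = [], False
    for line in (raw.strip() for raw in export_text.splitlines()):
        if line.startswith("["):
            in_key = line.strip("[]").lower() == key.lower()
        elif in_key and (m := VALUE_RE.match(line)):
            # Undo the .reg escaping before looking at the command line.
            name, command = (re.sub(r"\\(.)", r"\1", g) for g in m.groups())
            if product := WATCHLIST.get(executable_of(command)):
                hits.append((name, command, product))
    return hits
```

Files exported by regedit in the "Version 5.00" format are UTF-16, so read a real export with `open(path, encoding="utf-16")` before passing its text to `flag_run_entries`. Matching is by file name only, so a renamed executable will not be flagged.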

Like other Internet Explorer Toolbar nuisances, this program also insinuates itself among the registry entries that control IE configuration, so that manual cleanup is not straightforward.

Wild Tangent Web Driver

If installed, the file gamechannel.exe supposedly runs as a process mostly related to computer games and other multimedia applications. It sends information about your computer to a home server. While it might not be considered "SpyWare" per se, it is still desirable to remove it from your system startup. A process called Array allegedly does not compromise privacy and is unrelated to security threats.


This page last updated 2007-12-01