Spyware

     Spyware is an extensive category of malicious software intended to take partial control of a computer sometimes without the user's educated approval.  Taken literally, spyware is software that covertly monitors or spies on the user and his/her system.  It has also come to largely include software that can steal the computer's processor time or drive space for the benefit of a third party.

     The term Adware refers to any software which displays advertisements, either by the users knowledge or not to receive income for programming and development costs.  

Spyware programs are bundled with software and usually, legally installed on a users computer mainly due to the ignorance of installation settings or failure to read the End User License Agreement. (or EULA)  More on EULA's in a minute.

     Spyware could immediately after installation or in the future cause privacy issues, substantial loss of system performance or responsiveness, major stability issues (crashes and hangs), and difficulty connecting to the internet, among many others, especially when several spyware packages from several companies are all active on your computer.  

     In fact, spyware and adware infection brings about more visits to professional computer repairers than any other single cause. 

     Even more surprisingly, most users have more spyware and/or adware on their system than viruses!  Users need only keep an anti-spyware program installed, up-to-date, and scan their computer with it regularly.  More on protection later in this guide

     The EULA is a scrolling text box during installation that contains the conditions of which you are allowed to use the software.  Most users simply agree to it or hit next without reading it.  Most spyware programs are distributed with great success in this manner.

     Some spyware/adware are similar to and can even be categorized as a Trojan Horse.  The definition of a Trojan horse involves something dangerous that comes in disguise of something desirable.  An example of this is:  You download Game A.  Game A installs itself but also installs, without your knowledge, spyware that logs your web activity to which Game A's programmer sells said logs to companies that buy that info.  It may also install adware software so it will display pop-up ads that when clicked will pay the programmer of Game A.  Even "rogue" anti-spyware can be installed.  (More on "rogues" later in this guide)  Clearly, the lines between spyware/adware and trojan horses are a little gray. 

     Some spyware plainly tells the user during installation that it is going to install.  Just as an example, Company X's software.  If the user does not know that Company X's software is really spyware, if they know what spyware is, they go ahead and install the program without asking their self, What is Company X's business?  

     Owners of badly infected systems frequently buy an entire new computer system because their current system has become too slow.  Some of these systems are still very current, speed-wise, and could handle average to moderate computer use if it weren't for 60 to 100 spyware programs running at system startup.

Some examples of adware and spyware avenues of attack are:

LSP's or Layered Service Providers

     A Layered Service Provider is a system driver linked deep in the networking services of Windows.  It has access to, as well as the ability to modify, every piece of data entering, (your keyboard or mouse) and leaving the computer (data sent over the internet or text or images displayed on your screen).  A few LSP's are necessary to allow Windows to connect you to other computers, including the internet.  Spyware may also install itself as an LSP, thus having access to all the data you transmit and receive including credit card numbers and passwords.

Browser Hijacks

     A browser hijacker is a program or registry setting that changes IE start and search pages. If your browser starts with a different start page and you didn't change it, you probably got hijacked.  Hijackers often not only change these pages, but also add a program a start-up that will restore the hijacked settings.  You can change it back but every time you restart, your start page has reverted back to an advertisers page.

BHO's or Browser Helper Object

     A BHO is a small program that extends Microsoft's Internet Explorer's functionality.  Usually they are visible, harmless add-on toolbars in IE.  They can also have hidden devious functions  that violate privacy issues like browser hijacking, logging info you input in forms on the web including passwords!!, display ads, follow your moves across the internet by reporting site addresses you visit and time spent there, and redirect you or display other pages than what was requested.

     Basically, let's say, for example, Bob the programmer writes a program.  We'll call it Program A.  Program A is worth a lot of money and normally he could sell it.  Instead, Bob inserts places in his program that display ads from one or more companies.  Then he puts it online free for download.  John Doe downloads it and  installs Program A.  Program A installs a program called a BHO or Browser Helper Object into Microsoft Internet Explorer.  More on BHO's later in this guide.  Then, John Doe surfs the internet  looking at a page about  his car stereo.  The BHO sees this and looks through its vast library of companies that it advertises for.  It finds an ad for a rival car audio company and spawns a pop-up to said rival.  So John clicks on the ad thinking his site he was looking at wants him to follow the ad.  If he buys something, Bob the programmer gets a cut of the sale.  This might be ok except 

     This is only one of many uses for BHO's.  Some uses are actually legitimate.  

"Some" examples of legit BHO's are:

"Some" Search Toolbars - Example: Google Toolbar
Yahoo Toolbar - which actually has a honorable anti-spyware program built-in.
Translation Toolbars

     Adware does not solely cover software that display ad banners in a program to pay the programmer for use.  It also covers software that can be bundled with other software and can cause multiple pop-ups at random or according to surfing activity of the user.   It can even display ads relevant to typed conversations in an instant message or e-mail to a friend or relative.  Say, Bob has some adware on his computer.  Bob is typing a message to his mom about his dog, Lucky.  He tells his mom that lucky has fleas really bad.  The adware sees he typed the words, "Fleas" and "Dog" so it pops up an ad for a flea collar.  This might sound cool and convenient but soon dozens of pop-ups start appearing about other dog products, filling his screen until his computer stops responding.

Kazaa
Bearshare
DivX (not the paid version, or the standard version without the encoder)
WeatherBug
Atomic clock sync
Bonzi Buddy (the most infamous)
Wildtangent
AOL Instant Messenger
Gator
ErrorGuard
FlashGet (early free versions, now program is freeware without spyware or adware)
Download Accelerator Pro (A.K.A. DAP)
Grokster
Dope Wars
Cliprex DVD player

Other Examples are: *see note at end of page

Internet Optimizer, also known as DyFuCa, redirects Internet Explorer error pages to advertising. When users follow a broken link or enter an erroneous URL, they see a page of advertisements. However, because password-protected Web sites (HTTP Basic authentication) use the same mechanism as HTTP errors, Internet Optimizer makes it impossible for the user to access password-protected sites.

Zango (formerly 180 Solutions) transmits detailed information to advertisers about the Web sites which users visit. It also alters HTTP requests for affiliate advertisements linked from a Web site, so that the advertisements make unearned profit for the 180 Solutions company. It opens pop-up ads that cover over the Web sites of competing companies.

HuntBar, aka WinTools or Adware.Websearch, was installed by an ActiveX drive-by download at affiliate Web sites, or by advertisements displayed by other spyware programs — an example of how spyware can install more spyware. These programs add toolbars to IE, track aggregate browsing behavior, redirect affiliate references, and display advertisements.

Movieland, also known as Moviepass.tv or Popcorn.net, is a movie download service that has been the subject of thousands of complaints to the authorities by consumers claiming they were held hostage by its repeated pop-up windows and demands for payment. The FTC has filed a complaint against Movieland.com, charging them with having "engaged in a nationwide scheme to use deception to extract payments from consumers." The complaint alleges that the software repeatedly opened oversized pop-up windows that could not be closed or minimized, accompanied by music that lasted nearly a minute, demanding payment of at least $29.95 to end the pop-up cycle; and claiming that consumers had signed up for a three-day free trial but did not cancel their membership before the trial period was over, and were thus obligated to pay.

Zlob trojan, or just Zlob, Downloads itself to your computer via an ActiveX codec and reports information back to MotherShip Server. Some information can be as your search history, the Websites you visited, and even Key Strokes.

If you have any of these, see the section below titled Protection.

Anti-spyware/adware advertised in pop-ups and banner ads are usually rogues.

!!!WARNING!!!
IF ANY OF THESE PROGRAMS ARE ON YOUR COMPUTER, REMOVE THEM NOW!!!

Updateyoursystem
Adwarepunisher
Malwarewipe
SpywareStrike
SpywareQuake
NeedUpdate
PestTrap
Spyiblock
RazeSpyware
SPYBOT.EP
Spyhoax-A
Winfixer
SpyArsenal
SpyAxe
SpyBlast
SpyCut
SpyFalcon
SpySheriff
SpyShield
SpyTrooper
Spybot.NLX
Spybot.WON
SpywareAxe
TheSpyGuard
 

To remove them, go to add/remove software in the control panel.  If you can't find it in there use one or all 3 of the programs in the next section.  Also see the  Top 10 Programs to have on your Computer section in Downloads section of this site.  This small list is just what the title says, a list of ten programs that you should not be on the internet without.

     Just like an antivirus, you should always scan your computer with a good anti-spyware at least once a month or have some type of memory resident protection.  This means protection is always on scanning every piece of software you install and every process running currently.

     I only recommend three (3) anti-spyware programs at present and they all offer free versions.  Forget those programs you might see at your local retail store or in pop-ups.  Remember?   Pop-ups are usually rogues.

Links to these three programs are in the Top 10 Programs to have on your Computer section in the Downloads section of this site.

To continue this Guide, please click NEXT below.

[ Back ] [ Up ] [ Next ]

[ Internet Access ] [ Spyware ] [ Hackers ] [ Viruses ] [ Chain Letters/Hoaxes ] [ Spam ] [ Password Safety ] [ Online Shopping ]