Spyware, Adware and Other Malware
Malware, short for "malicious software", is software designed to infiltrate a computer without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. The term "computer virus" is often used as a catch-all phrase to include all types of malware, including true viruses. And example of malware is the scam email about the 'CDC's State Vaccination H1N1 Program"
What is Spyware?
Spyware is computer software that gathers and reports information about your behavior on your computer you being aware of it or consenting to it. Spyware can also refer to other forms of software, called "malware" that perform many different functions, from popup ads, targeted advertising, harvesting private information, redirecting your browser, running zombie programs that may cause your computer to engage in illegal activity, such as spreading viruses or conducting DNS (Denial of Service) attacks, and installing stealth phone dialers. See this page for examples of spyware.
What is Adware?
Adware is advertising-supported software that causes pop-up ads to appear on your screen. Weatherbug is a good example of this.
Some adware may be shareware (but not all shareware is adware), and this is not necessarily bad nor hidden. Users are usually given the option to pay for a "registered" or "licensed" copy, which typically eliminates the advertisements, or to use the free copy with some ads.
The offensive form of adware is when the advertising is not disclosed to you when you download the software. Other adware programs do not track a user's personal information. Usually, spyware programs send your browsing habits to an adserving company, which then targets advertisements back to you, based upon their measurement of your interests. Kazaa and eXeem are popular programs which incorporate software of this type.
A number of software applications are available to help computer users search for and modify adware programs to block the presentation of advertisements and to remove spyware modules. Our recommendations for these appear at the left side of this page.
Spyware tends to overlap with adware. Malware describes any software that uses spyware for explicitly illegal purposes.
Data collecting programs that are installed with your knowledge are not considered spyware, as long as it is clear what data they collect and with whom they will share it. Unfortunately, a lot of commercial software install secondary programs to collect data or distribute advertisements without properly informing you about these activities. These secondary programs are referred to as barnacles and they can drastically slow down your computer. They are also designed to be difficult to detect and remove from the system.
History of Spyware and Adware
The first recorded use of the term spyware occurred on October 16, 1995, in a Usenet post that made fun of Microsoft. In 1999, Zone Labs used the term in a press release for their product, Zone Alarm Personal Firewall. Some of the first freeware with built-in spyware appeared in 1999: a game called "Elf Bowling" spread throughout the Internet late in 1999. Many users learned later that the program transmitted information back to the game's creator, Nsoft.
According to a study by the National Cyber-Security Alliance, spyware affects 90% of home PCs.
Spyware and viruses
Spyware can also closely resemble computer viruses, but with some important differences. Spyware and viruses usually both install without your knowledge or consent, and both degrade your computer's performance.
A virus, however, spreads copies of itself to other computers, if it can. Spyware usually does not self-replicate. Spyware relies on persuading gullible users to download and install itself by offering some kind of bait.
A typical piece of spyware starts every time your computer boots up (which uses CPU cycles and memory and reducing stability). They run all the time, monitoring your Internet usage and delivering targeted ads to you in popup windows.
A virus, by contrast, generally aims to carry a payload of some kind. This may do some damage to the user's system (such as, for example, deleting certain files), may make the machine vulnerable to further attacks by opening up a "back door", or may put the machine under the control of malicious third parties for the purposes of spamming or denial-of-service attacks (this is referred to as a "zombie"). The virus will in almost every case also seek to replicate itself onto other computers. In other words, it functions not only as a parasite, but as an infection as well. Usually, it looks for you address books in Outlook, AOL and other programs and then sends the virus to every address it finds.
Spyware generally does not damage your data files; it just wants to observe what you do and send you ads; although this also usually slows down your computer.
The virus deliberately tries to damage your computer. In general, neither one can damage the computer hardware itself. In the worst case, you will need to reformat the hard drive, reinstall Windows, reinstall your programs and data from backups. You ARE making backups, right? You should be, at least monthly. All of this can prove expensive in terms of repair costs, lost time and productivity. Often, owners of badly spyware-infected systems purchase entire new computers, in the belief that an existing system "has become too slow." Repair technicians who hear complaints about a computer "slowing down" usually suspect spyware infection.
A few spyware vendors, such as "180 Solutions", are actually "stealware" - spyware applications that redirect your browser from major online merchants such as eBay and Dell to the stealware's clients, effectively hijacking the commissions.
Other types of spyware (Targetsoft, for example) even go to the extent of modifying your system's files to make themselves harder to detect or remove. (Targetsoft modifies the Winsock (Windows Sockets) files. The deletion of the spyware-infected file "inetadpt.dll" will interrupt normal networking usage.)
Warning About Fake Spyware Remove Products
Unbelievably, there are products for sale that claim to block and remove adware and spyware, yet these products either do nothing, or are actually spyware themselves!
The U.S. Federal Trade Commission took action against MaxTheaterOn March 11, 2005 , the company behind "SpywareAssassin", which advertised as an "anti-spyware" product. The FTC specifically named deceptive and unfair practices, such as:
- falsely claiming that their "anti-spyware" product detects "spyware" on users' PCs
- selling an "anti-spyware" product that failed to perform as advertised; it did not remove a substantial amount of "spyware"
For these reasons, stick to clearly recommend products, like those on the left of this page and on our recommended products pages. For more information about the FTC's action against SpywareAssassin follow these links to the FTC's website:
How does you PC get infected?
Spyware normally installs itself through one of three methods:
- The spyware component comes bundled with an otherwise apparently useful program. The makers of such packages usually make them available for download free of charge, to encourage downloading. Watch out for Kazaa and earlier versions of Bearshare. Also beware of Lavasoft products which appears to ignore some spyware and adware, if Lavasoft has an agreement with the producer
- The spyware takes advantage of security flaws in Internet Explorer.
- Internet Explorer can also install spyware on your computer either via a drive-by download with or without any prompt! A drive-by download takes advantage of easy installation via an ActiveX control (or several ActiveX components) with or without a prompt, depending on security settings within Internet Explorer. This is why many security departments tell you not to enable ActiveX components on your pc.
Spyware can also install itself on a computer via a virus or an e-mail Trojan program, but this is rare.
Many novices fear "cookies", which are a common mechanism websites use for storing information on your computers. Cookies are usually used to store your user id number for later visits to the website. Cookies and their use generally are not hidden from you. Cookies are often important and necessary to help protect your identity when you are on a password protected website.
To avoid spyware issues altogether, avoid installing any piece of software that seems too good to be true, such as bogus "free" music downloads and the like.
To remove spyware problems completely (but temporarily, as you can become reinfected later), follow this advice:
- Obviously, one of the most effective solutions is to block the adware and spyware from getting through to your pc. Some of the firewall programs do part of this, and spyware/adware cleanup programs can get those that slip past the fire wall. See the left side of this page for recommendations for products.
- If the computer's performance has degraded to such a state that that computer no longer functions usefully and reliably, the user may have to consider the option of a clean install. Novice users should avoid this solution! You will need a complete back up of your data along with all the setup disks that came with your PC. A clean install means erasing all the data from your hard drives, reformatting the drives and re-installing the operating system. Only advanced users or a computer technician should attempt this remedy.
- Use of automatic updates (on Windows systems), antivirus (see the recommended packages on the left side of this page), and other software upgrades will help to protect your pc. The bugs in older programs are exploited by hackers, so upgrading helps to install the corrections.
- Also stay current with patches to Windows - especially Service Pack 2 (SP2). subscribing to the automatic updates in the previous step will guide you to these, too.
- Since some spyware takes advantage of Internet Explorer weaknesses, using a less common browser such as Mozilla Firefox may also help.
- Disabling ActiveX in Internet Explorer (click on Tools - Internet Options - Advanced) will prevent some infections.
- Currently-known spyware does not specifically target non-Windows systems, such as Mac OS or Linux.
For More Information About Spyware and Adware, See:
- Current list of known spyware and adware
- The Electronic Privacy Information Center
- Report A Crime
- Takedown Assistance
- How Spyware Works, Ross Greenberg, Security Pipeline, February 28, 2005
- Spyware And Your PC: Keeping It Out, Getting Rid Of It, Ross Greenberg, Security Pipeline, January 24, 2005
- Browser Hijacking and Prevent Browser Hijacking, Mike Healan, SpywareInfo, last update was January 12, 2005.
- What's The Difference Between Spyware And Viruses? Dave Piscitello, Security Pipeline, January 4, 2005
And please let us know about any suspicious calls or emails you receive. We look for patterns so that we can alert the authorities and victims to new scams, before it is too late!