The Spyware Revolution!

It's getting worse, not better.

from JoeUser Forums

In 2000 Stardock was presented with an opportunity. It was near the height of the dot-coms and one of those dot-coms recognized a fundamental truth about WindowBlinds: It had the ability to fully control what was presented by the Windows GUI.  So not only could WindowBlinds change the look and feel of your Windows GUI (title bars, push buttons, borders, etc.). But it could add new content. And one of these dot-coms came to us with a fairly straight forward proposition -- integrate advertisements into the Windows GUI and you could make big bucks.  We turned them down.

While lots of money is always appealing, we did not want to be the company that made it possible for advertisers to take over your desktop. But that was before spyware really took off. 

In the post-dot com collapse, advertising has lost much of its value but if companies could advertise without having to be on an actual website, they could still make money. And that's where spyware has come in.  What is spyware? Odds are you have some on your computer. In fact, odds are you have a lot of Spyware on your computer. Spyware are various programs that manage to get themselves installed on your computer, usually without you knowing it. They sit there quietly informing their patrons what you are doing on your computer. Maybe they'll just report what websites you visit. Maybe they'll send back what programs you use. Maybe they'll list what songs you listen to. Who knows. Different programs spy on different things. Some of them will hijack your web browser so that you end up going to different websites than you intend to. Or maybe they'll pop up an advertisement randomly on your screen. 

What they definitely do, besides invade your privacy, is cause all kinds of stability and performance issues on your computer. A couple of weeks ago I ended up having my system brought to its knees simply from having visited a website that used a vulnerability in Internet Explorer to install dozens of Spyware programs onto my computer. It took the better part of the day to get them off. They're as bad as viruses to remove and most anti-virus software won't remove them.

The program I've come to rely on is called Adaware. It'll scan your computer and remove much of the Spyware. If you haven't ever run one of these programs, you'll probably be shocked at a) how much of this crap has gotten onto your computer and b) how much it has slowed your computer down.

But that's not the worst part of it. Legitimate companies are increasingly putting Spyware in their software. The temptation is great. Stardock estimated that it could have generated between $600,000 to $800,000 last year in additional revenue by bundling Spyware with its software. It has rejected all proposals because it doesn't need to make money that way. Stardock generates its revenue by selling its software. On-line, you'll see on some tech forums people complain that Stardock is "greedy" because it charges money to buy full versions of some of its products. I would say this method is much better than the alternative. Because increasingly, "free" software and "free" services aren't really free anymore. They claim to be free but they put this stuff on your computer.

WinCustomize, for example, is paid for by the sales of software and subscriptions. But the revenue it receives is nothing compared to some of the other sites in its market that now bundle spyware with their downloads. As I make my rounds on the net, I see the trend moving forward -- more and more sites, more and more products are moving to Spyware. Why? Because its victims usually have no idea that they're even victims. The distributors of Spyware can make millions of dollars while most people are totally unaware that they are funding it.

The net result is that we are seeing a mini-resurgence of the Dot-Com era. Entire companies and industries and even business models are being funded by Spyware. Personally, I hope Microsoft updates Windows so that this junk can't get installed on your computer without your knowledge. It's a serious security issue. People shouldn't have things running on their computer that they haven't given their okay to. But one has to wonder what will happen to the industry and the products and services which have come to rely on it.

For this article I scanned one of my laptops. I have never intentionally installed any Spyware on my computer. These are programs that installed themselves after having been surfing the net. And I don't frequent porn or warez sites.

33,717 views 40 replies
Reply #1 from JoeUser Forums Top
Adaware is great. But I really, really think you need to couple it with Spybot Search and Destroy. There are things that one misses but the other will catch. They work very well when used one after another. I run them each at least once a week to keep things clean.
Reply #2 from JoeUser Forums Top
Thanks for this informative post. I'll be sharing this around with compadres and colleagues. Hope the prices aren't sky high.
Multiplicity - Control multiple PCs using one keyboard and mouse
Reply #3 from JoeUser Forums Top
Agreed that you should concider also trying the features of Spybot. At the computer shop where I work we have something we unoffically call the "Spyware Special." We run TrendMicro's HouseCall online virus-scan, Ad-aware, Spybot - Search and Destroy, and then Windows Update; in that order. The one thing that Ad-aware has over Spybot is that it has snagged a few browser bars and hijacks that Spybot missed. BUT, Spybot will snag a few browser hijacks that Ad-aware will miss, as well as including a JavaScript helper to hopefully block some of those bad downloads from happening.

Either program is excellent though. :-)

--Syrrus
Reply #4 from JoeUser Forums Top
Just about anyone who frequents computer security forums is or provides computer support is well aware of the literally phenomenal explosion of brower hijackings and stealth spyware/adware installations. It's gotten so bad that some security related forums have areas and trained helpers solely dedicated to helping users remove this stuff from their PC's.

Typically these apps take advantage of default IE settings (lax from a security point of view) which can result in "drive by" installations without the user's knowledge. This crud may also be bundled with "free" or otherwise legit software, as Frogboy notes.

Recently Utah passed a bill called The Spyware Control Act: http://www.le.state.ut.us/~2004/bills/hbillenr/hb0323.htm

And last week the FTC held a workshop on adware/spyware: http://www.ftc.gov/bcp/workshops/spyware/index.htm

For anyone interested, this is classic info for how to prevent such infestations: http://www.wilderssecurity.com/showthread.php?t=27971

I've been told that reportedly that in XP SP2 Internet Explorer will be modified to make it more difficult to accomplish "drive by" intallation of such spyware without the user's knowledge and consent. (It's not yet clear whether MS will also provide a general IE 6 update for those who do not have XP.) But even so this won't keep people from downloading download programs that are bundled with spyware which may or may not adequately inform the user what the software does (and also how it might royally muck up your system).
Reply #5 from JoeUser Forums Top
hijackthis and cwshredder (coolwebpro search parasite/trojan) are both good tools to keep around as well. both are free and can be found by using their names as keywords in any search engine. hijackthis requires some knowledge but advice is available thru the forums.
Reply #6 from JoeUser Forums Top
There are free versions of both Spybot Search and destroy, and AdAware available.
Reply #7 from JoeUser Forums Top
An interesting article from adaware's website; http://www.lavasoftusa.com/
Reply #8 from JoeUser Forums Top
sorry, full URL is http://www.lavasoftusa.com/news/20031216.shtml
Reply #9 from JoeUser Forums Top
Hm.. The only spyware related software that I've ever gotten is the tracker cookies. It seems to pay off not using Internet Explorer and using open source software whenever possible.

And, yes, I do install quite a lot of software. But only from companies with a good reputation and those I do trust.
Reply #10 from JoeUser Forums Top
Thanks for the great article. I have been using Spybot for some time. I wasn't aware that there were things it missed that Adaware would catch and visa-vera. I update my Spybot regularly. I'll install Adaware right away and use them both.

There oughta be a law.
Reply #11 from JoeUser Forums Top

I think that superior to AdAware and Spybot (in combo) is PestPatrol (... .com).

Recently, I had an unfortunate encounter with some spy- ad-ware distribute by the otherwise respectable (VeriSign certified) UCMore. This add-on to the MyIE2 browser was popping-under exactly 2 IE6 (not MyIE2) windows per day.

None of these programs found the culprit: AdAware, Spybot, CWShredder, Hijackthis. All of these are pretty good, but not as good as PestPatrol.

PestPatrol not only found the spyware but found several others that the four above mentioned did not find. It also removed them completely and systematically, and provided information on them at the PestPatrol website.

When purchased (Yes, it's $40), it installs several other programs to detect key-logging, intercept cookies, and prevent loading spy- and ad-ware into memory. I think it's a bargain to have the best and most thorough on the market. With PestPatrol none of the other programs can detect any offensive installs. PestPatrol disk scans verify that all new pests are intercepted and destroyed BEFORE installation.

Have a look. Free to check youe disk with and to manually boot the extra services, but no automatic deletion of pests already installed.

Dan
Reply #12 from JoeUser Forums Top
I have Ad-Aware, Pest Patrol, AVG, and I scan with House Call. Hopefully I'm not missing anything!

One question...and it may sound stupid. How are they making money off the ads?
I've never understood that? If you don't know the spyware is there, how are they making money off it?

That's all for me
Ali-Misfit Chick
Reply #13 from JoeUser Forums Top
I always scan with the above mentioned, but still have the feeling I;m being hijacked on my broadband connection
There is a lot of time wasted on checking my system and sometimes I ruin it myself because I go into the registry
My concern is that the important system files get replaced like SVCHOST.EXE Generic Host Processor.
I really don't like microsofts approach with it's services did anyone ever try to shut down an SVCHOST process?
chances are you get the warning Windows shutting down in 30 secconds because Remote Procedure Call service has stopped. This is the biggest pest of all Remote procedure and Remote registry who needs it anyway
Yes Microsoft it self because it needs this tracking of your system. Do you know that 20% of your bandwith is reserved by the system it uses this for the automatic update it provides
This is only part of our missery I think Microsoft made enough money on it's sytem its about time windows got opensource You don't buy A car without an engine do you.
Well enough for now My point is Adaware and SpybotSD are not sufficient meassurements on it own
If we only knew which files of the system are used for what and there checksums we could protect ourselves better
So come over Microsoft give it up.
Reply #14 from JoeUser Forums Top
One good site I've found on how to deal with spyware and such is http://www.mvps.org/winhelp2002/unwanted.htm
One of the things they have that I didn't see above that is covered is how to block a lot of that stuff using a HOSTS file (gives wrong IP information so the browser doesn't know where to go to get the ads/drive-by downloads/etc, as I understand it).
Reply #15 from JoeUser Forums Top
I've got WinXP SP2 Beta installed, its ace. It blocks everything. It stops everything connecting to the Net without your permission, it stops anything being installed without your permision. It bundles a popup blocker into IE, and changes the way ActiveX controls are installed : usually with a big fat 'Are you sure you want to do this?' dialog. I actually think its great, I feel like I have twice as much control over whats going on with my computer and the internet now.
It even blocked windows messenger from connecting to the net... how cool? I don't even like MSN-IM.

I've used Adaware before, but, maybe its just me, I tend to be quite safe browsing the net. Alot of it is down to education, knowing what you install before you do it. Technically software is the key to computer success. They are also the death agents, and can harm your computer. It only takes a small bit of code to save lots of time, or cause massive hassle... be careful what you install, which sites you visit, and all the rest of that stuff!

Your computer is only as safe as method in which you use it. Don't blame microsoft, but don't rely on them either.
Reply #16 from JoeUser Forums Top
When the problem first started with the spyware and malware became a virus sort of threat when you went to desktop theme sites and downloaded a theme it would attach all kinds of malware. When this became a big issue and Trend Micro showed it as a virus threat and I wrote to the sites that this was happening they replied I was full of bull until I sent them data from Trend Micro now this does not happen with themes anymore you know what is being downloaded and they ask you if you want it. They used to hide it in the EULA agreement - which people don't bother to read so bingo this junk was downloaded with the theme. I always use Ad-ware I bought their premium addition. I will also try Spybot. I also use Trend Micro for virus checks. Even with this I still have a problem. It is amazing what is installed and you are not aware it is being done. It should be stopped.
Reply #17 from JoeUser Forums Top
...and another thing, when i first fell on adaware(a true blessing from those angels at Lavasoft), i ran it and had a result much as yours, a ton, no i mean a SHITLOAD of spyware. I had well over 250, and i just couldn't believe it. I thought I had been very careful, and i had also went through a weekly regemine of going through what I "thought" (i was SO blind back then) had been a thorough cleaning of any unecessary junk, including 100's of cookies...etc. To my dismay, i was SO terribly mistaken. All of you in denial take heed--- you ARE infected, and i mean right now! there are a FEW good programs, and i have found my personal arsenal of tools to combat this underhanded, evil practice. At first my list was only a couple of programs, but it has grown, each playing their own role, as if a football team going out on the field to take their positions. My tools are adaware(for the obvious), spybot sd(again, obvious), cookie guard(another blessing), a good utility(such as Ace Utilities)(or Tune Up Utilities), and some browser, ANY browser other than Internet Explorer. I just happen to use Firefox and LOVE it. It too, has many features for bullshit such as we are discussing.
Reply #19 from JoeUser Forums Top
Nothing worth having is free. This is, and has always been an absolute truth.
I commend you for taking the stand you have regarding the full charge for purchasing your software
rather than giving in to the temptation to allow businesses to use your product as a "trojan horse" for
their spyware. The pop-ups and bits of software that change your homepage are becoming much worse
than a mere nuisance lately. Please continue to stand firm.
Reply #20 from JoeUser Forums Top
I bought PestPatrol, and older version. I forget now what problems I had with it, but I remember having some sort of problem that I didn't like. Also, at least at that time, I read a comparitive review of spyware removal programs and PestPatrol didn't rate well. Maybe it is better now.

But I've been using ZeroSpyware now. It is also commerical. I haven't gone back and rerun another program to see if its missed anything. But ZeroSpyware seems pretty good to me. It works akin to an antivirus program, where it does regular signature updates, prevents the spyware from being installed. And also does a daily scan in case something managed to get installed anyway.
Reply #22 from WinCustomize Forums Top
spyware is information collection...the spybots/spyware are used to collect data about the user,where you surf,what music you listen to,what keys you type,etc, each spy bot/spyware are built to collect specific data about you.as they collect this data they send this data back to the maker of them .. this data is harvested and sold to companies for advertisement research..

the most common type is the internet travel bot, it tracks internet travel then reports where you have surfed. this data is sold to companies that advertise on the internet. they in turn take the data and average out what sites are most accessed by net surfers. the companies then will go to those web sites and post their ads to get them seen the most ...

your useage of programs and your surfing habits is very lucrative to the sellers of such data.. companies and advertiseing agencies will pay big $ to get that information..
Reply #23 from WinCustomize Forums Top
lordbarton could you temper your language a little, thanks. [2 posts removed for inappropriate content].
Reply #24 from WinCustomize Forums Top
My record for most spyware on one machine (never scanned) was 957. Gave my parents a lecture about that one....
Reply #25 from WinCustomize Forums Top
Uh, just want to say thanks for tellin em no, Draginol.