The Spyware Revolution!

It's getting worse, not better.

Published on April 27, 2004 By Draginol In Windows Software

In 2000 Stardock was presented with an opportunity. It was near the height of the dot-coms and one of those dot-coms recognized a fundamental truth about WindowBlinds: It had the ability to fully control what was presented by the Windows GUI. So not only could WindowBlinds change the look and feel of your Windows GUI (title bars, push buttons, borders, etc.). But it could add new content. And one of these dot-coms came to us with a fairly straight forward proposition -- integrate advertisements into the Windows GUI and you could make big bucks. We turned them down.

While lots of money is always appealing, we did not want to be the company that made it possible for advertisers to take over your desktop. But that was before spyware really took off.

In the post-dot com collapse, advertising has lost much of its value but if companies could advertise without having to be on an actual website, they could still make money. And that's where spyware has come in. What is spyware? Odds are you have some on your computer. In fact, odds are you have a lot of Spyware on your computer. Spyware are various programs that manage to get themselves installed on your computer, usually without you knowing it. They sit there quietly informing their patrons what you are doing on your computer. Maybe they'll just report what websites you visit. Maybe they'll send back what programs you use. Maybe they'll list what songs you listen to. Who knows. Different programs spy on different things. Some of them will hijack your web browser so that you end up going to different websites than you intend to. Or maybe they'll pop up an advertisement randomly on your screen.

What they definitely do, besides invade your privacy, is cause all kinds of stability and performance issues on your computer. A couple of weeks ago I ended up having my system brought to its knees simply from having visited a website that used a vulnerability in Internet Explorer to install dozens of Spyware programs onto my computer. It took the better part of the day to get them off. They're as bad as viruses to remove and most anti-virus software won't remove them.

The program I've come to rely on is called Adaware. It'll scan your computer and remove much of the Spyware. If you haven't ever run one of these programs, you'll probably be shocked at a) how much of this crap has gotten onto your computer and how much it has slowed your computer down.

But that's not the worst part of it. Legitimate companies are increasingly putting Spyware in their software. The temptation is great. Stardock estimated that it could have generated between $600,000 to $800,000 last year in additional revenue by bundling Spyware with its software. It has rejected all proposals because it doesn't need to make money that way. Stardock generates its revenue by selling its software. On-line, you'll see on some tech forums people complain that Stardock is "greedy" because it charges money to buy full versions of some of its products. I would say this method is much better than the alternative. Because increasingly, "free" software and "free" services aren't really free anymore. They claim to be free but they put this stuff on your computer.

WinCustomize, for example, is paid for by the sales of software and subscriptions. But the revenue it receives is nothing compared to some of the other sites in its market that now bundle spyware with their downloads. As I make my rounds on the net, I see the trend moving forward -- more and more sites, more and more products are moving to Spyware. Why? Because its victims usually have no idea that they're even victims. The distributors of Spyware can make millions of dollars while most people are totally unaware that they are funding it.

The net result is that we are seeing a mini-resurgence of the Dot-Com era. Entire companies and industries and even business models are being funded by Spyware. Personally, I hope Microsoft updates Windows so that this junk can't get installed on your computer without your knowledge. It's a serious security issue. People shouldn't have things running on their computer that they haven't given their okay to. But one has to wonder what will happen to the industry and the products and services which have come to rely on it.

For this article I scanned one of my laptops. I have never intentionally installed any Spyware on my computer. These are programs that installed themselves after having been surfing the net. And I don't frequent porn or warez sites.

Comments (Page 1)

BlueDev

on Apr 27, 2004

Adaware is great. But I really, really think you need to couple it with Spybot Search and Destroy. There are things that one misses but the other will catch. They work very well when used one after another. I run them each at least once a week to keep things clean.

6969jimbo6969

on Apr 27, 2004

Thanks for this informative post. I'll be sharing this around with compadres and colleagues. Hope the prices aren't sky high.

syrrusengr

on Apr 27, 2004

Agreed that you should concider also trying the features of Spybot. At the computer shop where I work we have something we unoffically call the "Spyware Special." We run TrendMicro's HouseCall online virus-scan, Ad-aware, Spybot - Search and Destroy, and then Windows Update; in that order. The one thing that Ad-aware has over Spybot is that it has snagged a few browser bars and hijacks that Spybot missed. BUT, Spybot will snag a few browser hijacks that Ad-aware will miss, as well as including a JavaScript helper to hopefully block some of those bad downloads from happening.

Either program is excellent though.

--Syrrus

sig101

on Apr 28, 2004

Just about anyone who frequents computer security forums is or provides computer support is well aware of the literally phenomenal explosion of brower hijackings and stealth spyware/adware installations. It's gotten so bad that some security related forums have areas and trained helpers solely dedicated to helping users remove this stuff from their PC's.

Typically these apps take advantage of default IE settings (lax from a security point of view) which can result in "drive by" installations without the user's knowledge. This crud may also be bundled with "free" or otherwise legit software, as Frogboy notes.

Recently Utah passed a bill called The Spyware Control Act: http://www.le.state.ut.us/~2004/bills/hbillenr/hb0323.htm

And last week the FTC held a workshop on adware/spyware: http://www.ftc.gov/bcp/workshops/spyware/index.htm

For anyone interested, this is classic info for how to prevent such infestations: http://www.wilderssecurity.com/showthread.php?t=27971

I've been told that reportedly that in XP SP2 Internet Explorer will be modified to make it more difficult to accomplish "drive by" intallation of such spyware without the user's knowledge and consent. (It's not yet clear whether MS will also provide a general IE 6 update for those who do not have XP.) But even so this won't keep people from downloading download programs that are bundled with spyware which may or may not adequately inform the user what the software does (and also how it might royally muck up your system).

kingbee

on Apr 28, 2004

hijackthis and cwshredder (coolwebpro search parasite/trojan) are both good tools to keep around as well. both are free and can be found by using their names as keywords in any search engine. hijackthis requires some knowledge but advice is available thru the forums.

Erk.

on Apr 28, 2004

There are free versions of both Spybot Search and destroy, and AdAware available.

Thomas Thomassen

on Apr 28, 2004

An interesting article from adaware's website; http://www.lavasoftusa.com/

Thomas Thomassen

on Apr 28, 2004

sorry, full URL is http://www.lavasoftusa.com/news/20031216.shtml

jelvis

on Apr 28, 2004

Hm.. The only spyware related software that I've ever gotten is the tracker cookies. It seems to pay off not using Internet Explorer and using open source software whenever possible.

And, yes, I do install quite a lot of software. But only from companies with a good reputation and those I do trust.

MasonM

on Apr 28, 2004

Thanks for the great article. I have been using Spybot for some time. I wasn't aware that there were things it missed that Adaware would catch and visa-vera. I update my Spybot regularly. I'll install Adaware right away and use them both.

There oughta be a law.

DanMS

on Apr 28, 2004

I think that superior to AdAware and Spybot (in combo) is PestPatrol (... .com).

Recently, I had an unfortunate encounter with some spy- ad-ware distribute by the otherwise respectable (VeriSign certified) UCMore. This add-on to the MyIE2 browser was popping-under exactly 2 IE6 (not MyIE2) windows per day.

None of these programs found the culprit: AdAware, Spybot, CWShredder, Hijackthis. All of these are pretty good, but not as good as PestPatrol.

PestPatrol not only found the spyware but found several others that the four above mentioned did not find. It also removed them completely and systematically, and provided information on them at the PestPatrol website.

When purchased (Yes, it's $40), it installs several other programs to detect key-logging, intercept cookies, and prevent loading spy- and ad-ware into memory. I think it's a bargain to have the best and most thorough on the market. With PestPatrol none of the other programs can detect any offensive installs. PestPatrol disk scans verify that all new pests are intercepted and destroyed BEFORE installation.

Have a look. Free to check youe disk with and to manually boot the extra services, but no automatic deletion of pests already installed.

Dan

MisfitChicks

on May 01, 2004

I have Ad-Aware, Pest Patrol, AVG, and I scan with House Call. Hopefully I'm not missing anything!

One question...and it may sound stupid. How are they making money off the ads?
I've never understood that? If you don't know the spyware is there, how are they making money off it?

That's all for me
Ali-Misfit Chick

Dave Dunn

on May 10, 2004

I always scan with the above mentioned, but still have the feeling I;m being hijacked on my broadband connection
There is a lot of time wasted on checking my system and sometimes I ruin it myself because I go into the registry
My concern is that the important system files get replaced like SVCHOST.EXE Generic Host Processor.
I really don't like microsofts approach with it's services did anyone ever try to shut down an SVCHOST process?
chances are you get the warning Windows shutting down in 30 secconds because Remote Procedure Call service has stopped. This is the biggest pest of all Remote procedure and Remote registry who needs it anyway
Yes Microsoft it self because it needs this tracking of your system. Do you know that 20% of your bandwith is reserved by the system it uses this for the automatic update it provides
This is only part of our missery I think Microsoft made enough money on it's sytem its about time windows got opensource You don't buy A car without an engine do you.
Well enough for now My point is Adaware and SpybotSD are not sufficient meassurements on it own
If we only knew which files of the system are used for what and there checksums we could protect ourselves better
So come over Microsoft give it up.

Redshirt #3

on May 10, 2004

One good site I've found on how to deal with spyware and such is http://www.mvps.org/winhelp2002/unwanted.htm
One of the things they have that I didn't see above that is covered is how to block a lot of that stuff using a HOSTS file (gives wrong IP information so the browser doesn't know where to go to get the ads/drive-by downloads/etc, as I understand it).

Windows XP SP2

on May 12, 2004

I've got WinXP SP2 Beta installed, its ace. It blocks everything. It stops everything connecting to the Net without your permission, it stops anything being installed without your permision. It bundles a popup blocker into IE, and changes the way ActiveX controls are installed : usually with a big fat 'Are you sure you want to do this?' dialog. I actually think its great, I feel like I have twice as much control over whats going on with my computer and the internet now.
It even blocked windows messenger from connecting to the net... how cool? I don't even like MSN-IM.

I've used Adaware before, but, maybe its just me, I tend to be quite safe browsing the net. Alot of it is down to education, knowing what you install before you do it. Technically software is the key to computer success. They are also the death agents, and can harm your computer. It only takes a small bit of code to save lots of time, or cause massive hassle... be careful what you install, which sites you visit, and all the rest of that stuff!

Your computer is only as safe as method in which you use it. Don't blame microsoft, but don't rely on them either.

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

Richer content, access to many features that are disabled for guests like commenting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!