Spyware and Adware

August 16, 2007

What are Spyware and Adware?

Spyware, adware and their variations are programs or applets that get installed on your computer by a download from the Internet. (You could also get them on a disk from somebody but that is less common.). There are basically three scenarios where problems arise:

  1. You knowingly download and install something but do not understand all the functions of the program.
  2. You download and install one thing but other things are installed along with it that you do not know about.
  3. Something is downloaded and installed without your knowledge.

There are many software downloads available on the Internet that call themselves freeware. Quite a few of these are, in fact, free and come without strings. In the end, however, the cost of any software has to paid for by somebody, somehow. One way to support the cost of software is through advertising that is downloaded and displayed on the user’s computer along with the software. Many useful and reputable programs are now distributed this way. Often they come both in a version that is “free” (but with ads) and in a version that has no ads but has to be paid for. As long as the user is told up-front about the ads and about any tracking that might be going on, this form of adware has a perfectly legitimate role. For example, I use the adware version of the Opera browser. I do not use the browser very often and I wouldn’t pay for it but I am willing to have small ads running when I do use it. Actually, they are unobtrusive and I pay them no attention. [Note added later: Opera is now free.]

Note that I said that I was willing for ads to run while I was using the program. Less scrupulous software distributors may have pop-up windows showing ads whether you are using their program or not. Even worse offenders graduate to “spyware” and contain a component running all the time in the background to track your viewing habits on the Internet (and possibly other things). Your preferences are relayed to advertisers so that ads may be targeted specifically to what is perceived to be your interests. For example, if you visit a lot of sports sites on the Web, you may find ads for athletic equipment showing up on your computer.

Legitimate programs are straightforward in alerting you that advertising banners or pages will be downloaded to your computer and shown to you whenever you try to use that program. Others are less up front and bury the notice about ads and other actions in the EULA (End User License Agreement). Having seen this type of turgid legalese innumerable times when using Microsoft applications, most of us just click the “I agree” button without reading the stuff. If you do read the EULA thoroughly, you may find that you have signed away all your rights to privacy. How legally binding this really is, I am not competent to say, but personally I find the implications disconcerting. Still other software packages do not even bother with hiding details in the legalese but simply carry out surreptitious actions on your system without notifying you beforehand.

Drive-by Downloads or Foistware

Not content to entice you into using their spyware by providing some useful function, some firms download stuff to your computer whether you want it or not. Many Web sites have ad banners that contain download links. If you accidentally click on the ad, you may initiate a download. Some of these ads contain messages that your system “may” be infected with a virus or otherwise impaired in order to lure you into clicking on something. Depending on your browser security settings, you may then receive some unwanted software automatically or get the standard Windows pop-up message asking, “Do you accept this download?” If you click “Yes,” spyware is installed. Note that the presence of a security certificate is no guarantee that something is not spyware. An example of a download window for a well-known problem program is shown in the figure below.

Sometimes, just viewing a page is sufficient. Many of these downloads take advantage of ActiveX controls in Internet Explorer (IE). The settings for Internet security zones in IE can be configured to prevent this. Also, Windows XP Service Pack 2 increases the security in this area of IE. Other browsers generally are not susceptible to ActiveX downloads. However, most browsers with insecure settings can be made to run Javascript or certain other types of code.

Lists of these types of spyware are available at the spyware database references given in the sidebar. Unless you are sure about a program, check it out on these lists before installing.

Other Problems

One issue is to how much of your privacy is invaded by the ad tracking. To some degree, it is the nature of an individual’s personal psychology that decides what is private. Some people are unconcerned while others react violently to the notion of being tracked. Privacy is a large subject and beyond the scope of this article but several references are given in the sidebar.

However you may feel about the privacy issues, the practical matter is that spyware uses your computer resources and bandwidth and often causes sluggish behavior or even crashes. Some spyware like the very popular file-sharing program Kazaa may even use your idle CPU time for whatever computational purposes they see fit. Many PC users have suffered significant degradation or worse for their system from the presence of spyware.

The most severe cases where the spyware is actually malicious and either causes deliberate damage to your system or uses your system for some nefarious purpose is usually considered a Trojan horse and is considered on the previous page.


Because of the proliferation of spyware, many programs are now available for detecting spyware and cleaning it out. Anti-virus programs do not detect most spyware because the programs do not have the characteristics of a virus. Thus a separate application is needed that specifically targets spyware. Links to two free programs, “AdAware” and “SpyBot Search & Destroy” are given in the sidebar along with references for others. Unlike ant-virus programs, where installing more than one program is not recommended, it is a good idea to clean your system with consecutive application of two or more spyware removers. According to PC Magazine , the commercial programs Spy Sweeper and Spyware Doctor are the two best anti-spyware programs. PC World also chooses Spy Sweeper as its top ranked program.

Firewalls that monitor programs on your system that attempt to connect to the Internet will give you warning of the presence of spyware. The Windows XP firewall does not have this capability so one of the firewalls mentioned in the references in the sidebar is recommended. If another firewall is installed, turn off the Windows XP version. The update SP2 automatically enables the Windows XP firewall.

It’s a good idea to check what programs run automatically at startup. Windows 98/Me systems can use MSConfig and Windows XP systems can use the services console to see what is running in the background. Unwanted programs can be detected and disabled. Any spyware can then be removed.

Avoiding spyware in the first place is the best defense. Use common sense in installing software. Check out any potential download with the spyware databases given in the references in the sidebar. Exercise caution when visiting strange Web sites.

Some references recommend disabling ActiveX entirely. While this will prevent many unwanted controls from installing, it will also break useful applications. A less drastic procedure is outlined on another page. Using the Firefox or other non-Microsoft browser is another recommendation for those who wish to avoid ActiveX problems. However, any commonly used browser is still susceptible to other types of script and the security settings for scripting should be consulted.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: