WAYS OF INFECTION
Spyware parasites differ from regular viruses. They do not spread by themselves and usually must be installed as any other software with or without the user’s consent. Some rare pests are able to exploit system security vulnerabilities and act similarly to worms. There are three major ways undesirable spyware program can get into the system.
1. Many spyware vendors deceive the user by presenting a particular spyware program as a useful tool, for example, a powerful web search service, fast download manager or reliable Internet accelerator. Users download and install such programs. However, practically all of them appear to be either completely useless or ineffective. Although in most cases users can uninstall such programs, spyware components stay in the system and remain fully functional.
2. Lots of free, ad-supported or shareware products are bundled with small add-ons needed by the host program to work properly. These add-ons actually are third-party spyware parasites. Uninstalling the host application not always removes bundled spyware.
3. Most widely spread spyware programs get into the system using Internet Explorer ActiveX controls or exploiting certain web browser vulnerabilities. Their vendors run insecure web sites filled with malicious code or distribute unsafe advertising pop-ups. Whenever the user visits such a site or clicks on such a pop-up, harmful scripts instantly install spyware. The user cannot notice anything suspicious, as parasites do not display any setup wizards, dialogs or warnings.
It is known that some spyware can also be dropped by specific viruses, trojans or worms.
Spyware affects mostly computers running Microsoft Windows operating system.
WHAT SPYWARE DOES?
- Steals sensitive personal information, identity details, monitors everything the user does online, tracks web browsing habits and sends all collected data to a remote server.
- Serves undesirable advertisements, displays large amount of annoying pop-ups. Such activity is specific to most illegal adware parasites.
- Redirects a web browser to advertising sites or commercial Internet search services whenever the user enters an incorrect site address or even without any obvious reasons.
- Changes web browser's default start and search pages to advertising sites and prevents the user from restoring initial settings. Such activity is common for all browser hijackers.
- Creates numerous links to advertising resources, places desktop shortcuts to third-party spyware sites, adds multiple bookmarks to the web browser's Favorites list.
- Modifies essential settings of a web browser, decreases overall system security level by enabling certain web browser's features that allow to quietly run any web scripts or install any software from the Internet.
- Connects a compromised computer to the Internet through high-cost phone number without user knowledge. This activity is specific to so called dialers. The system can be affected only if a modem is installed.
- Degrades overall system performance and causes software instability. Some parasites are badly programmed, they waste too much computer resources and conflict with installed applications.
- Provides no uninstall feature, hides processes, files and other objects in order to obstruct its removal as much as possible.
There are thousands of different spyware parasites. The following examples illustrate how treacherous and harmful spyware can be. CoolWebSearch
is the entire family of browser hijackers that all attempt to redirect a web browser to the coolwebsearch.com domain. Most of these threats display advertisements, change web browser's default start and search pages and modify security settings. From the first sight, CoolWebSearch parasites are relatively harmless. However, some variants are able to steal user passwords, bank account details and other identity data. These pests are virtually impossible to remove.
Infamous Gator spyware made the headlines because of its enormous prevalence. Various Gator variants are still bundled with ad-supported software and can get into the system from insecure web sites. Parasites display numerous advertisements and install additional spyware components without user consent. Most of their victims noticed increased frequency of web browser crashes and overall system instability. Practically all Gator variants include parts that stay active even after a user uninstalls the pest. BonziBuddy
spyware is targeted at children. Its description says that the program displays an animated on-screen ape that helps kids to surf the web and use e-mail. However, BonziBuddy also silently installs several additional spyware parasites that not only violate user privacy, but also affect computer’s performance and security.
CONSEQUENCES OF SPYWARE INFECTION
Spyware is not as dangerous as most computer viruses are. It doesn't infect files or destroy the system. But instead it discloses user's priceless personal information to advertisers and even real thieves. Malicious persons use spyware to collect passwords, bank account details or credit card numbers. This information allows them to steal victim's money, use his name, address and other contact data for criminal offences.
Spyware activity gets on user's nerves and even costs money. Not all computer users can easily identify a spyware infection and take required actions immediately. A parasite may stay undetected for months. All this time it will obstruct user’s usual work, download and install third-party risks. Eventually a computer's performance and stability will be greatly reduced and the user will have to take it to professional repairers. There are real examples of depressed users buying new computers, as old ones are totally inoperatable because of numerous spyware parasites installed.
HOW TO REMOVE SPYWARE?
As it was said above spyware parasites are not viruses and therefore cannot be removed with the help of regular antivirus products. To remove such pests special anti-spyware tools (spyware removers) should be used. These programs scan the system in similar way as antivirus software. However, they have special parasite signature databases, which allow them to detect and eliminate most spyware and adware threats. Powerful spyware removers include real-time monitors that prevent the installation of known risks and unauthorized system modification. The most effective and popular anti-spyware programs are Spyware Doctor
, Microsoft AntiSpyware Beta
, Spybot - Search & Destroy
, Ad-Aware SE
, eTrust PestPatrol
In some cases even a spyware remover can fail to get rid of a particular parasite. That is why there are Internet resources such as 2-Spyware.com, which provide manual spyware removal instructions
. These instructions allow the user to manually delete all the files, directories, registry entries and other objects that belong to a parasite. However, manual removal requires fair system knowledge and therefore is a quite difficult task for novices.