Free Computer Courses Training Tutorials Intelligentedu.com Home  ->  Learn About Computers, Software Development & Information Technology  ->  Table of Contents



Chapter 17:
Spyware


 

Spyware: Lurking on Your Computer

A spyware is software or hardware installed on a computer without the knowledge or explicit permission of the user.  Spyware is generally used for gathering personal information about the computer and the user for later retrieval by whomever is controlling that spyware.  Spyware gets into a computer through a software virus or as the result of installation of any new program, especially  freeware or shareware. The data-collecting programs that are installed on a computer and that are within the user's knowledge are not spywares, if the user fully understands what data is being collected and with whom it is being shared.

In order to understand how spyware and scumware works, it is important to know a little something about programming languages and scripts.Basically, there are four types of scripts: ActiveX, Java, JavaScript, and Cookies.These scripts have a lot of security holes and can be used to maliciously attack computers.If you thought not being able to control your browser was bad, think of the JavaScript that allows others to access files from a user's hard drive.There are reports that a hacker created ActiveX script that allowed him/her access to financial information on a web user's system.Spyware and Scumware are basically programs that utilize these scripts to take advantage of unwitting web users.Like I said, you are lucky if it is just taking control of your browser and not spying on your activities or reading the files on your computer.


Types and Behavior of Spyware

On the basis of their purpose, spyware can be of two types, surveillance spyware and advertising spyware (adware). Surveillance spyware includes key loggers, screen capture devices, and Trojans to be used by corporations, private detectives, law enforcement, intelligence agencies, suspicious spouses, etc. It usually hides inside the computer and works to avoid detection. On the other hand, an advertising spyware or adware places ads that appeal to a user's tastes in front of the user, assemble demographic information about groups of online users and measure the popularity of ads, websites, or file downloads in which the ad company has an interest. The ad company examines this data with the hope of spotting trends in online activity. An adware logs information about the user, possibly including passwords, email addresses, web browsing history, online buying habits, the computer's hardware and software configuration, the name, age, sex, etc., of the user.

Most forms of embedded spyware do not disclose what the software will be doing or that it is even there. Another behavior of spyware is its ability to reinstall and not go away. These spyware software's are attached to the freeware programs. When the parent software is uninstalled, the spyware can stay on the machine and continue to perform its tasks of information collection. An example of such spyware is Comet Cursor from Comet Systems. Comet Cursor allows a user to customize their icons to characters like Garfield or Dilbert. When this software is uninstalled, the embedded spyware is left behind. The only way to dispose of this software is to find the specific .dll files and delete them. But this can be dangerous because other programs can use those .dll files. Other forms of spyware have been known to reinstall even after the files have been removed. This is accomplished by distributing the files across the user's system. When a file is missing, it can be downloaded the next time that the user connects to the Internet. Special software, in many cases, must be used to remove the spyware completely.  Sometimes if the spyware files are removed, the freeware program will no longer work.


Well Known Spyware

Nowadays, free file-sharing programs are the most common carriers of these spywares.  Below is the list of some well-known file sharing programs along with spywares they install.

 

File Sharing Program Spyware / Adware Installed
BearShare SaveNow
Grokster

Cydoor, eAcceleration, Install, Gator,  iGetnet, IPinsight, MyBar, PurityScan,  webHancer
Kazaa Brilliant Digital, Cydoor, DoubleClick, DownloadWare, New.net, SaveNow
LimeWire eBates Moneymaker
Morpheus Gator, IPinsight, WurldMedia

Gator

Gator is a program very similar to Microsoft Windows AutoComplete service. Gator is used to automatically fill in passwords, forms, and address information on websites. But there is one problem with Gator that it can keep track of the credit card numbers of the users.


Comet Cursor

Comet Cursor is a browser extension that allows websites to change the cursor substituting any image instead of the standard arrow. The home company receives information like the user's cookies, IP address and other information using GUIDs.  According to Comet Systems, the makers of Comet Cursor, the information is used to determine which cursors are popular to improve the selection that the service offers. Even after the parent software is gone, the spyware is still there and is still at work.


Cydoor

Cydoor is another spyware that embeds advertising in host software, converting it to free adware. Users do not have to be online while using software embedded with Cydoor.  Ads are pulled from the protected ad cache within each user's computer whether they are online or offline. The program continuously displays ads from the cache until it is updated, which occurs the next time the user goes online.


SaveNow

SaveNow is an adware application that automatically downloads advertisements from a server and displays them on the system.  SaveNow is most often installed by third-party applications.


IPinsight

IPinsight uses a software application to determine Internet users' connection speeds and neighborhood level geographic locations.  It sells this non-personally-identifiable data to websites which use the data to geographically target their ads and to decide whether to use rich media ads (for fast connection speeds) or standard ads.


Webhancer

This software relays the web-surfing performance metrics of the user to Webhancer Corp. to generate performance reports for third parties.  The user's internet connection is used periodically to send and receive data.


Spyware To Be Extremely Wary Of:

  1. Adware

  2. Alexa

  3. Aureate

  4. BonziBuddy

  5. Comet Cursor

  6. Cydoor

  7. Doubleclick

  8. DSSAgent

  9. Everad

  10. eZula

  11. Expedioware

  12. Flyswat

  13. OfferCompanion

  14. Hotbar

  15. OnFlow

  16. TimeSink

  17. Web3000

  18. Webhancer

  19. Transponder

  20. Wnad

  21. ZapSpot

  22. SurfPlus

  23. AdvertBar

  24. NetPal

  25. CashBar

  26. WurldMediaBHO

  27. MessageMates

  28. EWA

  29. Ezsearchbar

  30. CommonName

  31. GoHip

  32. DownloadWare

  33. NetworkEssentials

  34. ImiServerIEPlugin

  35. TopMoxie

  36. Lop.Com

  37. BDE Projector

  38. Ucmore

  39. OpenMe

  40. JaypeeSysBHo

  41. Flash Track

  42. NetRadar

 


Detecting and Removing Spyware

Since spyware and adware constantly transmit the information from the computers, it is important to remove them to keep the computer and data secure.  In addition, the loopholes created by these spywares leave computers and data vulnerable to the intruders.  All this makes it of utmost importance to have a proper spyware detection and removal mechanism.

There are many ways by which a user can protect the computer from spywares.  The most effective way to secure a computer against spyware programs are firewalls.  Firewalls control everything that a computer transmits and receives. They are software systems that allow a user to secure their system. Another way of detecting spywares is the use of packet sniffers.  Packet sniffers are programs that capture network packets.  These utilities can show the packet's header information that includes source and destination IP addresses, which are shown in both hexadecimal and plain text helping the users in monitoring the outbound packets from their computers.

After detecting a spyware or an adware, it's important to remove them. If you have already been hijacked, the following list of software will help get rid of the hijacking software, unless it is fairly recent:�  



Spyware Remover Programs

These programs not only search system's registry keys placed by spyware programs, they also search memory and hard disk drives for spyware programs and files and remove them.  

This software is updated often enough so that there should be no problem in regaining control of your computer.If there is still a problem, take a look at this page for updated information about spyware in your computer (please note the disclaimer).� You can choose to wait until this software to counteract the hijacker is updated. This occurs frequently, so the antidote to your problem is probably not very far away.� 

Taking these steps is just the beginning, but go a long ways in securing your computer and yourself from those who mean you harm.

1. Spybot S& D

2. Ad-Aware

3. Aluria Spyware Eliminator

4. HijackThis

Ad-Aware 6.0

Ad-aware is a multi adware removal utility which scans your memory, registry and hard drives for known adware components and lets you remove them safely. With its ability to comprehensively scan your memory, registry, hard, removable and optical drives for known data-mining, aggressive advertising, and tracking components, Ad-aware will provide the user with the confidence to surf the Internet knowing that their privacy will remain intact.

 

Ridding Yourself of Scumware

Several of the worst scumware offenders, including Surf+, op Text and Gator can be manually uninstalled by going to this website for "de-scumming" your computer.


 SpyBot Search & Destroy

Search & Destroy can detect and remove a multitude of adware files and modules from your computer. Spybot can also clean program and web usage tracks from your system, which is especially useful if you share your computer with other users.  Modules chosen for removal can be sent directly to the included file shredder, ensuring complete elimination from your system. And for advanced users, it allows you to fix Registry inconsistencies related to adware or malicious program installations. The handy online update feature ensures that Spybot always has the most current and complete listing of adware, dialers, and other uninvited system residents.


Internet Cleanup 3.0

Internet Cleanup 3.0, from Aladdin Systems, protects your Internet privacy by erasing your Internet data trail and permanently removing tracking devices left on your computer by websites you have visited. Internet Cleanup also gets rid of all privacy-risking files and tracking devices and adds pop-up and banner ad blocking.


Spy Remover 5.0

Spy Remover 5.0, from Rizal Software Developers, is the free multi-spyware removal tool that protects your privacy. The software also detects and safely removes spyware and advertising trojans from your system.


Aluria's Spyware Eliminator

Aluria's Spyware Eliminator� protects you from the Spyware epidemic. While anti-virus software guards you from viruses, it does not prevent Spyware from attacking your computer. Aluria's Spyware Eliminator not only detects and removes Spyware, Adware and Keyloggers from your computer, it also actively blocks Spyware and Adware when your computer is under assault.


BPS Spyware/Adware Remover

BPS Spyware and Adware Remover� is a multi Adware, SpyWare, Trackware, Thiefware & Big Brotherware removal utility with multi-language support.  It scans your memory (for active memory ad components, which are not stored on your hard drive and last only as long as the computer is powered up), registry and hard drives for known SpyWare parasites and scumware components and lets you remove them safely -- even ad component DLLs.





 

Copyright 2006 by DeepSearcher Inc. - All rights reserved