There’s a lot of confusion about exactly what the term “spyware” means and it seems that everyone has an angle. For example, some shady software vendors prominently label their programs “spyware-free” even though in fact they may contain undesirable software hitchhikers that most of us would classify as spyware. The companies justify these claims by using an extremely narrow definition of the term “spyware” — but in our minds, these claims wouldn’t be much different than a soda manufacturer’s proclaiming that its product is “sugar-free” and justifying this statement by arguing that the corn syrup in the soda just doesn’t fall under its definition of “sugar”.
How Serious Is the Threat?
Conversely, some companies — particularly developers of anti-spyware software — may be overly aggressive in applying the term “spyware” and toting up the tally of supposed spyware on your PC. For example, anti-spyware software may scan your computer and report hundreds of spyware infections, when in fact you may just have just a handful of real problems, if any at all. The products report less-dangerous cookies as spyware. This practice is common with products that provide “free” scans as they want to use the results of the scan to scare you into purchasing the removal part of the product. Even many legitimate anti-spyware tools detect and display cookies so you need to either turn off cookie detection or learn to see through the cookies to the real spyware.
No spyware doesn’t necessarily mean no spyware. Kazaa installs a plethora of adware onto your computer.
Dialers are another variety of malicious software — one that doesn’t technically spy on you but can still wreak financial havoc. Dialers can instruct your computer’s modem (if you have one installed and connected to a phone line) to dial expensive long-distance calls or pay-by-the-minute 900 services, leaving you stuck with the bill.
Keyloggers (a stolen view into your computer is shown here) are not nearly as common as adware but they are the nastiest form of spyware in that they do actually spy on you.
And that’s the crux of the problem: Adware typically gets installed without your knowledge, then consumes your computer’s resources. In addition to interrupting your work with barrages of advertising, adware can slow your computer to a crawl and cause frequent crashes. We’ve seen computers so hopelessly infected by adware that their owners essentially stopped using them, turning them into an expensive doorstop.
In some cases, adware poses a privacy threat too; it may monitor your computer usage and report back to a central server that tries to determine what kind of ads to send you. For the most part, though, it’s the side effects of adware that make it such a nuisance.
Then there are browser hijackers. Hijackers may reset your browser’s home page to a site you never intended to visit, and then prevent you from changing it. Or they may commandeer the search and error pages your browser would normally display if you tried to visit a non-existent site. Some browser hijackers will even prevent you from visiting certain sites and direct you to other sites instead.
PC Pitstop’s position is that any program that installs without your informed consent and adversely affects your computer deserves to be considered spyware. If the program actually tracks your behavior or actively resists installation, as some varieties of spyware do, that’s all the worse. And we don’t think that software developers should be let off the hook just because the dense legalese known as the EULA (End-User License Agreement) somewhere mentions the extra software you’re agreeing to install.
How Do You Know if You Have Spyware?
Sometimes the signs of spyware on your system will be obvious. If you’re seeing pop-up ads not associated with sites you’re visiting, if your browser’s home page has been changed and you can’t change it back, or if your modem is dialing inexplicably and unexpected charges are showing up on your phone bill, you can be confident that some sort of spyware has infiltrated your system. Other warning signs include new toolbars that have appeared in your browser, lots of unexplained new Favorites (especially for gambling and porn sites), and new icons splashed across your desktop.
The symptoms aren’t always so evident, though. Keyloggers are specifically designed to be stealthy. And if your system has recently gotten slower or started crashes more often, you might not immediately associate the problems with adware.
The easiest way to tell if your system is infected is to run a reputable spyware scanner. A word of caution: Never trust a pop-up ad that tells you it has detected spyware running on your computer. Performing a real spyware scan means you’ll have to download and install software and give it time to examine all the nooks and crannies of your system. Lots of alternatives are available — usually with free trials — and PC Pitstop recommends PC Tools Spyware Doctor.
Regardless of which anti-spyware tool you use, make sure you run the program’s auto-update feature so you have the latest definitions, since spyware is always changing and anti-spyware vendors continually race to catch up.
When you run a scan you’ll get a potentially alarming series of results, perhaps with a claim like “200 spyware traces detected”. A bit of clarification is valuable here. A spyware “trace” is something like a footprint that software leaves on your system. A single spyware package might like dozens or even hundreds of traces in different places on your PC.
Additionally, many anti-spyware utilities will warn you about certain browser cookies that they detect. Although cookies do present a minor privacy threat, because they can potentially string together your visit to a series of Web sites, cookies aren’t programs and aren’t actively malicious. You can easily delete them or even block them from within your Web browser.
Once you’ve scanned your system to identify potential spyware, you’ll need to remove the threats you’ve found. If you remove adware that came bundled along with software like a peer-to-peer file-sharing program or a screen saver, be aware that the program may refuse to operate afterward. After you’ve finished removing spyware, you should reboot and scan your system again, since some wily spyware will manage to reload itself when you restart. We’ve found that no one anti-spyware product can solve every spyware infestation, so you may need to run multiple programs to finish the job.
We don’t recommend you rely solely on anti-virus tools, like those provided by Symantec and McAfee, to protect yourself against spyware. Valuable as they are for protecting against viruses and worms, these programs don’t yet provide the same coverage for spyware and adware.
Also, if you’re running Windows XP and haven’t yet upgraded to Service Pack 2, plan to do it as soon as possible. SP2 includes a number of security fixes and new features to help make it harder for you to accidentally download spyware in the future.
Finally, remember to practice safe surfing habits. Review our previous [Safe Surfing] article or purchase PC Pitstop’s “Safe Surfing” DVD to learn safe behaviors.
Spyware, like spam, has become one of the hassles that comes with using the Internet. But with a little knowledge and caution, and the right tools, you can make smart decisions that will help you prevent infections and remove those that do occur.
Robert P. Lipschutz is president of Thing 7 and the father of three children. John Clyman is president of technology consulting firm Narrative Logic, LLC, and a leading expert on anti-spyware software.