What is SpyWare?
Spyware is a generic term for a number of programs that you would never put on your computer deliberately, but which get there somehow anyway, typically by action of a popup or by clicking on something on a Web site. Spyware consists of several different varieties, ranging from innocuous but annoying, to downright dangerous. There are nearly 20,000 different SpyWare programs and variants of those programs found on the Internet today, and the number is growing daily.
Adware is software that gets put on your computer by a popup, or as a result of installing something else that you think might have some value, such as shopping, better Internet search capability, or music or file sharing. Some adware merely tracks where you go on the Internet, then reports this back to a marketing company. It extracts your e-mail address from your e-mail program, and this, along with your browser history, allows the marketing company to send you spam e-mails regarding products or services that they think that they or their clients might have a chance of selling you. Some adware can also open up backdoor ports on your machine to allow popup ads to be sent from the marketer and to appear on your machine. If you're getting a lot of popups, likely there is at least one spyware program lurking on your computer. Common programs that install adware are Kazaa, P2P networking, Bonzi Buddy, etc. Some sites also require you to install special software in order to take advantage of special features of their site. We don't include sites that require recognized programs such as Flash, QuickTime, etc. but rather sites that require that you install some software to view their site. Many "adult" sites fall into this category.
Spyware includes keystroke loggers, and other programs that report more than just your internet browsing habits to a third party. It is possible for a dishonest third party to install a keystroke logger on your machine, then to extract a keystroke log from a file kept on your machine by the spyware program, and get your username and password for online banking, shopping, auction sites, etc. in this manner. Even if your bank, shopping site, or auction site uses secure encryption, it is possible to extract your userid and password, as the extraction is done BEFORE the information is passed across the Internet connection. If you've noticed that your computer is very slow, it is possible that you have SpyWare on your machine.
Browser Hijackers are programs that attach to your Internet Browser, such as Internet Explorer, or AOL, and prevent your computer from going to certain Web sites, or force your Internet Browser to only use certain search sites, etc. A common example of this type of program is CoolWebSearch, which forces your browser search page to change to something different than the default. Browser Hijackers can also change your start page, your home page, or direct you to pornographic or other inappropriate sites. This is done because the people who create these programs are charging a fee to the sites that they direct you to, and preventing you from seeing other sites that don't pay them money.
Another type of MalWare worth mentioning, although it is not strictly a SpyWare program, is a background dialer. These are installed by many pornographic sites, although we have seen them elsewhere. They can be present even if you do not use your dialup modem to access the Internet - as a matter of fact, they are common. What these programs do is to silence the modem's speaker, then dial a 900 number or other pay service, and keep connected to it as long as you are accessing a particular site. We recently had an incident where a client received a $1500.00 telephone bill for dialing 900 numbers, that was traced to a visitor who was accessing questionable sites on their computer. Whenever the site was accessed, the 900 number was dialed, and the charges started mounting up.
What can I do about it?
You should have a good anti-SpyWare program on your machine. We have found a couple of good anti-SpyWare programs that we highly recommend. One is Microsoft's MS AntiSpyWare, which can be downloaded directly from Microsoft's site at Microsoft.com. Note that this program ONLY runs on Windows XP or Windows 2000; it will NOT run under Windows 98 or ME. Also, before you can download this program, you will have to validate your copy of Windows so that Microsoft knows that you are not running a pirated copy of Windows. The other good anti-SpyWare program we've found is SpyBot Search and Destroy. CAUTION: There are a LOT of other programs with the word SpyBot in their name that are NOT SpyBot Search and Destroy. The genuine SpyBot Search and Destroy is FREE from PepiMK Software, and can be downloaded from SaferNetworking.org. This program will run under Windows 98 or Windows ME, and is a good choice if you are running under those operating systems. You also should have a good AntiVirus program. We recommend Symantec's Norton AntiVirus. It is also important to check to make sure that both your AntiSpyWare and AntiVirus programs are up-to-date, as there are new threats being released daily, as the miscreants that produce them find that we have implemented ways of combating them.
Finally, it is important to PREVENT SpyWare as much as possible. Don't click on things you don't know. If you get a popup telling you that you have SpyWare on your machine, and offering a free SpyWare scan, chances are that the "free scan" is a scam to install SpyWare on your machine. Offers of Free Screensavers, Free Instant Message icons, etc. are also likely to be laden with SpyWare or worse. If you get a popup offering you a "free" ANYTHING just for clicking, what you're probably getting is "free" SpyWare!! Similarly, offers that will speed up your Internet browser, lead to better Web searching, save you money on coupons, etc. are also likely covers for SpyWare. Sometimes you have to be really careful to avoid installing something without knowing it. We've seen cases where the "EXIT" button on a popup would install SpyWare! Use the X button in the upper right hand corner, and make sure that it's really the X button, and not just another button, positioned similarly, that does not close the window, but installs something instead. We recently saw a case of a popup that a client had where the popup offered a $50.00 gift certificate if you clicked on a button with your opinion of whether the President is doing a good job. Whether you clicked YES or NO, you got the spyware, and nobody ever got the gift certificate.
Look at it this way: If you were sitting in the Mall parking lot, and some teenage kid walked up to you and told you that he could make your car go 200 MPH, get 75 MPG, and be invisible to police radar, but all you have to do is to let him do some stuff to it, then weld the hood shut so you can't see what he did, and you have to leave the keys in the ignition always, would you do it? Probably not, so why let someone do that to your computer?
Another thing you can do is to make sure your Windows OS is up to date. All versions of Windows except for Windows 95 are subject to periodic updates from Microsoft. As Microsoft finds vulnerabilities in Windows, Internet Explorer, and Outlook Express, they issue patches in the form of Windows Updates. Some of these are merely Recommended, others are Critical or Security Updates. It is important that all Critical and Security Updates be installed as they are released. Beware, however, of popups that may come up to tell you that Microsoft has released some update, and then direct you someplace other than Microsoft to get your "update" (which is probably SpyWare of some sort). We generally set up Windows Update to inform us of the updates, but then go to the Microsoft Windows Update Web site directly to obtain the updates, to make sure that they are really from Microsoft. Note that some Browser Hijackers are capable of redirecting your browser to sites other than Microsoft, or making your computer incapable of connecting to Windows Update. If this happens, you've got a problem.
SpyWare, once installed, can be extremely difficult to remove. Many SpyWare purveyors have an interest in keeping their stuff on your machine, and will go to great lengths to prevent its removal, by keeping processes going in the background that check for the presence of their program, and if it is not found, will re-install it or re-start it. Merely removing the program that put the SpyWare on the machine in the first place is normally not enough - removing Kazaa, for example, removes the Kazaa program itself, but leaves all of the SpyWare and AdWare intact on the machine. Likewise, removing the SpyWare may not close the ports that the SpyWare opens; WeatherBug is a good example of the sort of program that opens ports on the machine, and while it performs a useful purpose, so does a doggy door in your house - until a skunk finds it and wanders in. There are programs out there that are constantly looking for open ports, and when they are found, the programs enter to do their dirty deeds.
One other thing to take note of - sometimes we get clients who say "But so-and-so is running this program, and it hasn't caused any problems, and Such-and-such is running this other program and not having any problems." While this may be true, sometimes programs that run fine on their own can interact with other software. Think of it this way - you can eat a tuna-fish sandwich for lunch, and you can have an ice-cream sandwich for dessert - but if you try a tuna-fish ice-cream sandwich, you're likely to get a tummyache. Some programs just don't get along with other programs!