Spyware cures may cause more harm than good

Web surfers battling "spyware" face a new problem: so-called spyware-killing programs that install the same kind of unwanted advertising software they promise to erase.

Millions of computers have been hit in recent years by ads and PC-monitoring software that comes bundled with popular free downloads, notably music-swapping programs. The problem has attracted dozens of companies seeking to profit by promising to root out the offending software. But some software makers are exploiting the situation, critics allege, turning demand for antispyware software into a launch pad for new spyware attacks.

A small army of angry Web users has set up a network of Web sites where they post reports of antispyware programs said to prey on consumers by installing offending files. Some of these charges could get a hearing soon, as public-interest group The Center for Democracy & Technology plans to file complaints with the Federal Trade Commission against specific companies.

"If people feel as though their privacy has been violated by a company that claims to be protecting them, that clearly is an unfair and deceptive practice," said Ari Schwartz, an associate director of Washington-based CDT. "You would think that an antispyware company would hold itself up to the highest standards."

The boom in spyware, adware and other PC hijackers has led to increasing calls for regulation from lawmakers, including presidential candidate Sen. John Edwards, D-N.C., and from public-interest groups.

Many software makers have turned to advertising as a way to make money from consumers who are reluctant to purchase programs. The same approach has been taken by some antispyware companies, even though they promise that their products will root out unwanted advertising from others. But the failure of some to disclose their practices has raised the greatest outcry.

Like viruses, adware and spyware programs can sneak into a user's computer hard drive with little or no warning and can hide their tracks in ways that make it difficult for even the most sophisticated computer users to find and permanently delete.

As adware and spyware have spread, demand for applications that clean up infected hard drives has grown, drawing a large group of competitors eager to profit. More than 50 programs claiming to erase adware and spyware are available online, and many of these are offered as free downloads. Several major Internet service providers, including EarthLink and America Online, have also moved to provide spyware-removal applications to their subscribers.

But as these programs proliferate, some software makers face mounting criticism that their products install the very things they promise to defend against. Some antispyware companies have pointed fingers at rivals and have added competing programs to their list of applications that contain adware or spyware. These lists are used to identify and sweep out offending software during antispyware scans.

Keeping track of spyware
One such tool facing allegations of abuse is SpyBan, an antispyware program that has been downloaded some 44,000 times in the last four months, according to Download.com, a software download site owned by CNET Networks, the publisher of News.com. Download.com removed the software this week, noting that SpyBan had failed to disclose and explain all the software components included in its installation, a violation of the Web site's policies.

Numerous competing antispyware companies, including Spybot-Search & Destroy parent PepiMK Software and Sweden-based Kephyr.com, have identified SpyBan as a potential source of unwanted spyware--notably a program listed by many spyware cleaners as Look2Me. Download.com had also independently warned that Look2Me might be installed along with SpyBan.

"I classified SpyBan as a Trojan Horse, since it gives the impression that it will protect your privacy, but does the opposite--installs spyware," alleged Kephyr's Roger Karlsson in an e-mail interview.

"Look2Me is a spyware program that monitors visited Web sites and submits the logged information to a server," Symantec reports on its Web site. According to PestPatrol, Look2Me is categorized as "software that brings ads to your computer. Such ads may or may not be targeted."

Information and links on SpyBan's Web site disappeared late on Monday, following inquiries from a CNET News.com reporter. An e-mail to a generic "info" address at the SpyBan Web site elicited an initial reply, but the company did not reply to questions about its software.

Prior to going dark, the SpyBan Web site contained no information about its corporate parent, and the domain name database--Whois--that typically contains contact information for companies contained none for SpyBan.

A Look2Me license agreement found on a cached Google Web page identified Minneapolis-based NicTech Networks as the software's "owners/authors."

A trace of SpyBan.net's Web domain name late on Tuesday showed that the site was hosted at the same Internet address as NicTech Networks. The SpyBan e-mail also originated from that IP address. Repeated calls to NicTech were not returned.

A question of trust
The effects of spyware and adware programs vary. Some spyware programs run quietly in the background, sometimes capturing what a computer user types or what Web sites are visited. Some of these applications, which are called keystroke loggers, are so potent that they can record user names and passwords for the most closely guarded Web sites, including online banks.

Far more common are "adware" programs, which can operate unseen in the background. These periodically pop up windows with advertisements, change a Web browser's home page, install unwanted search toolbars or add bookmarks to a browser. Many of these software programs track Web surfers' habits online and send the data to their parent companies.

Security experts say it is difficult to keep up with spyware programs, which constantly shift their way of working inside a computer to evade detection and which generally contain many times more programming instructions than an average virus. The confusion is underscored by differences in how security firms describe specific programs.

"I doubt anyone knows precisely what these things do, apart from the authors," PestPatrol researcher Roger Thompson said. "They are really complex. Viruses are easy compared to these things."

There is little doubt that millions of PCs have been infected with spyware and adware programs.

A recent unscientific EarthLink survey gives some indication of the spread of the problems. The company offered its subscribers a free online spyware-scanning tool, similar to an antivirus scan program. In the course of 426,500 scans, EarthLink found more than 2 million adware files installed and more than 9 million "adware cookies"--a type of cookie that tracks people's surfing habits.

A few independent antispyware companies, such as Lavasoft's Ad-Aware and Spybot, have been around long enough and have been used by enough people to have gained a reputation as safe.

For the most part, Net experts warn consumers simply to be careful, to make sure that they trust the source of any software they install on their computers and to contact authorities such as the Federal Trade Commission if they think that their privacy has been violated.

"My first advice, if you get spam advertising a piece of software: You should really think twice before downloading that program," the CDT's Schwartz said.

All of the below listed software is, as of this writing, freeware. Vendors who do have “Pro” versions of their software have the tendency to try to hide the link to the freeware version in the hopes that you'll click on the "Pro" versions. Make sure you get the freeware versions, which are adequate, unless of course, you want to pay for the "Pro" versions.

http://www.lavasoft.de or http://www.lavasoftusa.com to download/install/update then run the freeware program named Adaware and rid your system of spyware. You'll have to update and run it occasionally but if Spyware Blaster, ( second item down, ) does its job then adaware may not find anything new to delete.

http://www.enigmasoftwaregroup.com/jump7.shtml
to download/install/update and run. It is SpyBot Search and Destroy which is similar to Adaware. You’ll have to update and run this program occasionally if Spyware Blaster doesn’t do its job.

http://www.spywareinfo.com/articles/hijacked/ scroll down to the Spyware Blaster link, ( which is freeware, )/download/install and update it then run it to stop spyware from getting on your machine before the fact. You'll have to update and run it occasionally.

http://www.panicware.com for the freeware version of Pop-Up Stopper/download/install/tell it to start with windows.

http://www.grisoft.com for the freeware version of AVG anti-virus software/download/install/update and run a scan. You'll have to update and run it occasionally.

http://www.zonelabs.com for the freeware version of ZoneAlarm which is a software firewall. It will stop a lot of the intrusions into your system.

http://freedownloadscenter.com/Utilities/Access_Control_Utilities/Empty_Temp_Folders.html has a program named EmpTemp 2.8.1 which, when configured properly, will delete all unnecessary files and make your computer more secure by deleting your internet, history, cookies, and temp files.

If you have Microsoft.NET framework installed you should go to http://www.kalavath.co.uk to download and install then configure Ki-Washer. It has an additional feature that EmpTemp does not have in that it also deletes the *.dat files, ( which can still burn you even if the temporary internet files have been removed, ) in the Temporary Internet Files folders . It also has the added advantage of being able to “Keep” those files that are a necessity. However, the .NET framework is an absolute must or the program will not install. The .NET framework can be found at the Windows Update Site, which is here:

http://v4.windowsupdate.microsoft.com/en/default.asp

If you are concerned about spam email then you can go to the following link, scroll down to Mail Washer and click the Download link to download then install Mail Washer which is a program designed to let you check the email on your mail server before it ever downloads to your computer. You can then delete the email on the server before it gets to your computer.

If you are running WinXP then you may want to consider disabling Windows Messenger Service, ( not to be confused with MSN Messenger Service, ) if you are not on a corporate network whereby the dreaded system administrator sends messages to work stations using Windows Messenger then it can be disabled as follows:

Right-click My Computer/click on Manage/in the right-hand pane click the plus sign, ( +, ) in front of Services and Applications/click Services/look in the right-hand pane and scroll down, if necessary and find “Messenger”/right-click it/click on Properties/click the little down arrow to the right of the text box and click on Disable/click Apply/click the Stop button/Click Apply again, if necessary/click OK/at some point you may get a message telling you that you have to reboot/If you have already clicked on the Stop button then there is no need to reboot.

One or more of the above applications may give to you an error message that MSCOMCTL.OCX is missing. You can go to the following site to download either the zipped version or the unzipped version:

http://www.glrecordings.com/superyahtzee/mscomctl.html

One or more of the above programs, upon attempting to install it, may give to you an error message that you are missing the Visual Basic Runtime Version 6.0 files. The Visual Basic 6.0 install file can be downloaded here, on the link named VBRUN60.EXE:

http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q192/4/61.ASP&NoWebContent=1

All of the above software has Help and/or Tour and Tutorial files that will assist you in learning how to operate and configure the programs.

Computer security is a major concern and you should be diligent in keeping the above programs installed, updated, run and scan your computer using the appropriate programs, where necessary, on a regular basis.

On a somewhat non-related issue you may want to go to the following site to download then install and configure the freeware program named framxpro.zip which will optimize your computer system memory:

http://sac-ftp.gratex.sk/utilmisc23.html

You’ll need Winzip, which is a “shareware” program that can be used on a “trial” basis, to unzip the zipfile which can be found at the following site:

http://www.winzip.com
One other note about spam and/or sites that would sell or share your personal information with other spammers:

Sometimes when visiting a site you are asked to “sign up.” They ask for your name, email address, home address, home phone number and similar information. Never, EVER fill out these forms with accurate information unless it is a site that you know can be trusted. For your name, misspell it. For your street address, misspell the street name or use the wrong address. For you telephone number, invent one.

( While it is a shame that I have to suggest doing things that are less than honorable, I feel that in this day and age of the internet that one has to “fight fire with fire.” )

Now, as for your email address the following is what I do and recommend to others to do:

Create a Yahoo email account. Do NOT use the same prefix as your valid ISP email address. Now, whenever you visit a site that says you have to “sign up,” then you can use the Yahoo account email address. Also, on many sites where you have to “sign up” there are usually little check boxes that are checked by default. Some sites try to hide these check boxes just as you would see “fine print” on some contracts. Sometimes there is more than one check box. One check box might indicate that “I want to receive updates from you.” The other might say, “Yes, it is OK for you to share my information with partner companies.” On those sites that have only one check box there is usually a double statement such as, “I want to receive updates and important information from you and I also want to receive information from partner companies.” Uncheck those boxes unless you want to receive the information. ( By keeping these boxes checked then you are, in essence, agreeing to receive spam and have no recourse…..you asked for “it” and they are going to see that you get “it.” ) In this way you won’t start getting spam on your “real” ISP email address. ( Note: The Yahoo account has to be checked less than every thirty days or it is deactivated. Also, if the inbox of the Yahoo account fills up it is deactivated. ) Therefore, you’ll have to check the account regularly to keep it active. However, it is a small price to pay to keep your valid email address clean of spam. Yahoo’s email program has a built-in spam filter and it puts all suspect email in the “Bulk” email folder. Don’t give out your Yahoo account to any of your known good contacts. In this way you know that any email you do receive is unwanted email and all you have to do is to delete all of it without even looking at it.

If you want to have an alternate internet email address that can be used in the event that you do not have access to your ISP account from a remote computer and that can be given to your known good contacts then create a Hotmail email account.

Most ISPs will allow you to have more than one email account. If push comes to shove you can always create a bogus email address on your ISP account that you never intend to check. You can also use that email address at sites where you have to “sign up.”

Don’t EVER store credit card numbers on your computer. Hackers can find them. Don’t EVER give random sites your credit card numbers unless you explicitly trust those sites. You can give credit card numbers at the sites of your credit cards or if the site address begins with “https://” as opposed to http://. The “s” denotes a Secure website.

Don’t EVER enable “File Sharing” on your computer unless you are on a network and simply have to share files.

You can also find literally thousands of freeware programs at the following sites if you click on the Freeware link at the site. You may want to “experiment” with the various programs available at those sites if you want to find programs that you like better than the ones I have suggested above:

http://www.webattack.com

http://www.winsite.com

At the webattack site the freeware programs are arranged by category.

At the winsite site you’ll have to do a little bit more reading.

If you want a good search engine that I think surpasses Google then go to the following site to download and install the freeware version of Copernic Agent:

http://www.copernic.com

It has a feature that will let you search for “Exact Phrase” which Google lacks. I find that feature to be most useful. Copernice searches many of the major search engines simultaneously.

Finally, KEEP YOUR WINDOWS CRITICAL UPDATES UP TO DATE! KEEP ALL OTHER WINDOWS UPDATES CURRENT! KEEP ALL OF YOUR OTHER SECURITY AND ANTI-VIRUS SOFTWARE UP TO DATE! IF YOU ARE RUNNING WINXP KEEP THE BUILT-IN FIREWALL ENABLED!

I hope this helps you.

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.