The largest target of spyware is without a doubt Microsoft's Internet Explorer. It is the most widely used web browser and it has a long history of weak security. Its deeply integrated into the Windows operating system and its scriptability make it very susceptible to intrusion by malicious software. Browser helper objects can easily attach to Internet Explorer. These helper objects redirect traffic and add toolbars.
The most common cause for users of the Microsoft Windows operating system to seek technical support from internet service providers or computer manufacturers is the infestation of spyware. In most cases the user has no comprehension of spyware and thinks that the system’s stability, performance, and/or connectivity issues relate to Microsoft Windows, hardware, or to a virus. Occasionally, owners of seriously infected systems end up purchasing an entire new computer system because their existing system "has become too unreliable or slow". Extremely infected systems sometimes require a clean re-install of all their software to allow the system to function properly. This is a highly time-consuming chore, even for accomplished users.
Normally, a single piece of spyware does not make a computer unusable. However, an infected computer almost always has more than one piece of spyware installed. AOL did a study in 2004 and concluded that if a computer has any spyware at all, it will be infected by dozens of different pieces. Its the cumulative effect of the different spyware components that cause the problems reported by users. The computer slows down to a crawl, overpowered by the many power-draining processes running on it. Similar to an immune deficiency disease, some kinds of spyware disarms anti-virus software and firewalls, and/or lowers browser security settings, which subjects the system to additional infections. In addition, there have been cases where a spyware program has disabled a competitor’s spyware program already installed on the computer.
There are some forms of spyware that modify system files to make themselves very difficult to remove. For example, Targetsoft changes the "Winsock" Windows Sockets files. Removing the spyware infected file "inetadpt.dll" will interfere with networking usage. For the sake of convenience, a Windows user generally has administrative-level system privileges. Because of this, any program which the user runs, intentionally or not, will have full access to the entire system. Spyware, along with other various dangers, has caused some Windows users to change to other platforms such as Apple Macintosh or Linux, which are less frequently targeted by spyware authors.
The most common complaints about spyware are Pop-up advertisements. Displaying and/or downloading ads can overwhelm a system. Its very rare for an infected system to have only one spyware program running. More typically, the system will be infected by dozens of applications. So, while one of the programs may display ads infrequently,the cumulative effect on the system can become overwhelming.
Most web users dislike offensive or irritating advertisements. Just like banner ads, some spyware advertisements use flickering banners or animation designed to get the user’s attention — because of this they are very distracting. Pornography Pop-up ads often display indiscriminately, this even includes when children may be using the computer which is in violation of many anti-pornography laws.
Wednesday, July 2, 2008
Spyware and Microsoft Windows
by: Leif Wheeler