Parasites, Spyware and Malware Explained
What are Parasites?
'Parasite' is a shorthand term for "unsolicited commercial software" - that is, a program that gets installed on your computer which you never asked for, and which does something you probably don't want it to, for someone else's profit or just to be a nusiance.
The parasite problem has grown enormously recently, and many millions of computers are affected. Unsolicited commercial software can typically do the following and usually the User has no idea:
- Plague you with unwanted advertising ('adware')
- Watch everything you do on-line and send information back to marketing companies ('spyware')
- Add advertising links to web pages, for which the author does not get paid, and redirect the payments from Affiliate-fee schemes to the makers of the software (such software is sometimes called 'scumware')
- Set browser home page and search settings to point to the makers' sites (generally loaded with advertising), and prevent you changing it back ('Homepage Hijackers')
- Make your modem (analogue or ISDN) call premium-rate phone numbers ('dialers')
- Leave security holes allowing the makers of the software - or, in particularly bad cases, anyone at all - to download and run software on your machine
- Degrade system performance and cause errors thanks to being badly-written
- Provide no uninstall feature, and put its code in unexpected and hidden places to make it difficult to remove.
What is Spyware?
Spyware is a term used to describe software and tracking cookies that track your computer usage and reports it to a third party, often without your consent. Spyware often comes attached to Utilities such as a time and date manager, music download software, or ape buddies.
Why is Spyware bad? From slowing down your computer and even crashing it, to reporting your browsing habits, spyware ranges from invasive to harmful, but most all of it should be removed.
What is Malicious Software?
Malicious Software, more commonly known as 'Malware', is different than spyware in that it does not necessarily have to spy on the user to cause harm or annoyance, such as preventing programs from working, displaying pop-up ads, or changing your homepage.
Where do they come from?
There are three major ways unsolicited commercial software can make its way on to your machine:
Some freeware programs are 'bundled' with parasites, which are installed at the same time. The P2P file-sharing programs are notorious for this; in particular, iMesh and Grokster come with countless unwanted add-ons.
Often if you are careful to read the small print when you install the software it will warn you about this, and it is sometimes possible to opt out. So always skim the license agreement when you install and don't just click Next-Next-Next... but you still can't be sure they will tell you.
Many parasites load using Internet Explorer's ActiveX installation option. When a web page includes a link to an ActiveX program, a window will appear asking the user wishes to execute it. If 'Yes' is clicked (or if IE security settings are set lower than normal so that it never even asks), the software is allowed to run and can do anything at all it likes on your computer, including installing parasites.
For this reason, you should never click 'Yes' to a "Do you wish to download and install"... prompt unless you are 100% sure you trust the publisher of the software, which might not be the publisher of the web site you are viewing - read the dialogue box very carefully.
Sometimes sites (or pop-up ads) try to fool you into clicking 'Yes' by stating that the software is necessary to view the site, or opening endless error windows if you click 'No', or claiming that the digital certificate on the code means it is safe. It means no such thing. 'Microsoft Authenticode', signed by companies like Verisign, means only that the company that wrote the software is the same as the company whose name appears on the download prompt - nothing more.
Some of the really sleazy parasites, particularly homepage-hijackers and dialers, execute by exploiting security holes in Internet Explorer, ways of getting code to run that are not supposed to be possible, but are due to mistakes in the browser code.
You can do your best to guard against this by ensuring you have the latest updates and patches from Microsoft. Still, there are usually a handful of security holes that have not yet been corrected, so you can never be 100% sure you are safe.
One way of reducing your risk of exploitation is to go to Tools->Internet Options->Security and set the security level for the Internet Zone to 'High'. (If no slider is visible, click 'Default level' to make it appear first.) Then set the security level for the Trusted Zone to 'Medium' and add the sites you use and trust to this zone; you may need to do this quite often as many badly-designed sites just won't work in high-security mode.
Why doesn't my anti-virus software detect this?
Technically, most unsolicited commercial software is not viral: it does not spread from computer to computer, it just installs and runs on one system.
That doesn't mean it's not harmful, but anti-virus software does not attempt to detect all software that could be harmful. Whether it should is a tricky argument that ends up a question of where you draw the line.
Actually some anti-virus programs do detect some of the parasites outlined on these pages, but not nearly all, and not all versions of them. Parasites that install using Internet Explorer security holes are more likely to be targeted by the anti-virus software vendors, but the selection of targets seems for the most part to be pretty arbitrary.
For this reason there are now a number of anti spyware and malware packages around that work as a complement to anti-virus software.
Signs you may be infected with Spyware!
If your computer starts to behave strangely or displays any of the symptoms listed below, you may have spyware or other unwanted software installed on your computer.
- I see pop-up advertisements all the time.
Some unwanted software will bombard you with pop-up ads that aren't related to a particular website you're visiting. These ads are often for adult or other websites you may find objectionable. If you see pop-up ads as soon as you turn on your computer or when you're not even browsing the web, you may have spyware or other unwanted software on your computer.
- My settings have changed and I can't change them back to the way they were.
Some unwanted software has the ability to change your home page or search page settings. This means that the page that opens first when you start your Internet browser or the page that appears when you select "search" may be pages that you do not recognize. Even if you know how to adjust these settings, you may find that they revert back every time you restart your computer.
- My web browser contains additional components that I don't remember downloading.
Spyware and other unwanted software can add additional toolbars to your web browser that you don't want or need. Even if you know how to remove these toolbars, they may return each time you restart your computer.
- My computer seems sluggish.
Spyware and other unwanted software are not necessarily designed to be efficient. The resources these programs use to track your activities and deliver advertisements can slow down your computer and errors in the software can make your computer crash. If you notice a sudden increase in the number of times a certain program crashes, or if your computer is slower than normal at performing routine tasks, you may have spyware or other unwanted software on your machine.