Security

Identify spyware symptoms and slowdowns

As spyware accumulates on a computer, performance can grind to a dismal halt. Combating spyware starts with learning to recognize its presence and understanding its impact on system resources.

Nothing is free, especially things that run on your computer. Spyware organizations may try to make it seem otherwise, but every process, application, toolbar, and piece of code uses some amount of your computer system's resources. Even something as innocuous as a cookie consumes a small amount of resources. Although each piece of spyware may not be a resource hog by itself, the combined toll of 30, 40, or more spyware applications will definitely have a negative impact on even the most robust system. In this article, you're going to learn some of the common symptoms that will help you recognize spyware that's installed on a system. You'll also learn how spyware affects a computer system by using valuable system resources, either alone or when combined with other spyware applications.

Spotting spyware: Browser clues

Recognizing some types of spyware is easy, but other types are good at hiding themselves. The most prevalent and easiest form to recognize is adware, since its purpose is to display ads in pop-up browser windows. When an adware program is installed on a computer, an abundance of pop-up windows will display. Some adware programs generate multiple pop-up windows when users view a Web page, subjecting them to two, three, or even four pop-ups whenever a new Web page is opened. Some adware programs are designed to display pop-up windows even if the computer is offline.

Another favorite implement of the adware networks is the browser toolbar. This is a small program that embeds itself in the browser window and claims to increase functionality by making it easy for the user to shop, surf, or search. The aid that browser toolbars provide is debatable, but they record demographic and surfing habits for the adware organization. Many of these applications also generate pop-up windows. If a new toolbar suddenly appears in a browser window, it's a sure sign that the computer is infected with spyware.

Some adware companies install code that modifies the browser settings and changes the home page. Other spyware applications will redirect the browser from the intended Web site to a competitor's site. For example, a user might direct the browser to Google only to have the spyware application redirect the browser to a competitor's search engine. These types of overt changes are always the direct result of spyware applications.

Another browser-related indication that a spyware installation has occurred is that the [Tab] key doesn't work when the user tries to navigate between fields in the browser, or the [Alt][Tab] key combination doesn't switch to another window. Changing or disabling the key functionality forces the user to view the pages that the spyware programs display. This type of programming is rare and is relegated to the most aggressive of advertisers.

Systray icons and error messages

Spyware applications affect other parts of the system besides browsers. One obvious sign of a spyware installation is a new icon in the system tray. Once again, the spyware companies claim that starting the background process during system startup and adding the tray icon adds functionality for the user. However, in reality, these programs do little more than collect information and send it to the parent organization. In addition, if several spyware applications are added to the startup folder, the startup process is slowed down.

The random appearance of error messages clearly indicates that something is wrong with a computer system. Because many spyware applications are not written with the stringent development processes used in traditional software organizations, these applications have a tendency to corrupt the operating system environment. As a result, users will begin to see error messages during system startup or shutdown or when they attempt to use other applications. Depending on the types of problems caused by the rogue code, some users may even experience system crashes and blue-screen error messages. Left unresolved, these errors can eventually render the system unusable.

Dial-up connections

Although broadband Internet access is quickly becoming the norm, many people still use dial-up connections. People using these slow connections will suffer from spyware applications that send data across the dial-up connection. Some spyware applications are even designed to secretly install a dialer program, which covertly makes changes to the system and replaces the user's dial-up settings with a new configuration. Dialers typically place long-distance calls that the user is charged for, although many telephone companies will forgive the amounts if the user can prove that the calls were placed by the dialer application. These types of invasive applications are rare nowadays, but one company notorious for dialer programs is Alyon Technologies.

Depleting system resources

Perhaps the most common complaint about spyware is that it slows down the computer system. Applications running as background processes or in browser windows can consume a great deal of system resources, especially if several of them are installed on the system. Although this problem is more apparent on older systems that do not have an abundance of resources by today's standards, even new systems with lightning-fast processors and 512 MB or more in RAM can be brought to their knees by resource-hungry spyware applications.

Spyware applications use system resources in a variety of ways. First, the programs use memory and CPU cycles when they are running. If more than one adware application is installed and running, the combined effect can be quite dramatic, especially as they begin to open pop-up windows. Not only does this drain system resources and slow down the computer, but viewing Web pages can be quite difficult because the user is forced to waste time closing the advertising windows.

Spyware programs also use network bandwidth to open the advertising pages and send demographic information to the adware organization. Again, one application may not put a large dent in network bandwidth, but if several are active, they can consume a significant chunk, especially if the user is on a dial-up connection.

One type of system resource that is often overlooked is disk space. All forms of spyware use disk space. Although the amount is often small, as spyware applications accumulate on a computer, space consumption escalates. Even the relatively benign cookies can consume a large amount of disk space if thousands of them are saved on the drive. It's not uncommon for several megabytes of disk space to be used for spyware-related applications. This won't affect users who have a large hard disk, but those who have older systems and are pressed for space could benefit from the additional space freed by removing the spyware files.

In addition to using system resources, spyware applications may make registry modifications. This can have catastrophic consequences on a computer system if the application is poorly written. As we noted earlier, these types of modifications can make your system begin to display random error messages or cause crashes. Left unchecked, these problems can ultimately degrade system performance or make the system unusable.

Time, effort, money

Perhaps the biggest resource drain is the amount of time and money it takes to combat the presence of spyware applications. Corporate technology departments are seeing a large portion of their resources dedicated to removing spyware and preventing it from infecting the workstations on their corporate networks. But average computer users also suffer. They don't have the technological savvy to understand the problem or resolve it correctly. Instead, they're forced to pay computer professionals to remove the spyware from the system or use a system rescue disk to restore the computer to its original state. Neither of these scenarios is appealing for the typical user.

Wrap-up

As you can see by the examples in this article, the various forms of spyware can be quite disruptive to computer users on all levels. This new form of advertising is much more invasive than its print and broadcast cousins. Consumers can simply ignore ads delivered by those media, but spyware forces the computer user to interact with the pop-up window, toolbar, background process, or other form of code. As you'll see in future articles, recognizing when spyware is installed on a computer system and removing it promptly is the best method of protecting computers from catastrophic problems caused by spyware.

Editor's Picks

Free Newsletters, In your Inbox