Spyware is software with malicious behaviour that aims to gather information about a person or organization and send it to another entity in a way that harms the user—for example, by violating their privacy or endangering their device's security. This behaviour may be present in malware as well as in legitimate software. Websites may engage in spyware behaviours like web tracking. Hardware devices may also be affected. Spyware is frequently associated with advertising and involves many of the same issues. Because these behaviors are so common, and can have non-harmful uses, providing a precise definition of spyware is a difficult task.
Antivirus software, also known as anti-malware, is a computer program used to prevent, detect, and remove malware.
Spybot – Search & Destroy (S&D) is a spyware and adware removal computer program compatible with Microsoft Windows. Dating back to the first Adwares in 2000, Spybot scans the computer hard disk and/or RAM for malicious software.
Scareware is a form of malware which uses social engineering to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software. Scareware is part of a class of malicious software that includes rogue security software, ransomware and other scam software that tricks users into believing their computer is infected with a virus, then suggests that they download and pay for fake antivirus software to remove it. Usually the virus is fictional and the software is non-functional or malware itself. According to the Anti-Phishing Working Group, the number of scareware packages in circulation rose from 2,850 to 9,287 in the second half of 2008. In the first half of 2009, the APWG identified a 585% increase in scareware programs.
Norton AntiVirus is an anti-virus or anti-malware software product founded by Peter Norton, developed and distributed by Symantec since 1990 as part of its Norton family of computer security products. It uses signatures and heuristics to identify viruses. Other features included in it are e-mail spam filtering and phishing protection.
WinFixer was a family of scareware rogue security programs developed by Winsoftware which claimed to repair computer system problems on Microsoft Windows computers if a user purchased the full version of the software. The software was mainly installed without the user's consent. McAfee claimed that "the primary function of the free version appears to be to alarm the user into paying for registration, at least partially based on false or erroneous detections." The program prompted the user to purchase a paid copy of the program.
The Vundo Trojan is either a Trojan horse or a computer worm that is known to cause popups and advertising for rogue antispyware programs, and sporadically other misbehavior including performance degradation and denial of service with some websites including Google and Facebook. It also is used to deliver other malware to its host computers. Later versions include rootkits and ransomware.
Rogue security software is a form of malicious software and internet fraud that misleads users into believing there is a virus on their computer and aims to convince them to pay for a fake malware removal tool that actually installs malware on their computer. It is a form of scareware that manipulates users through fear, and a form of ransomware. Rogue security software has been a serious security threat in desktop computing since 2008. An early example that gained infamy was SpySheriff and its clones, such as Nava Shield.
SpySheriff is malware that disguises itself as anti-spyware software. It attempts to mislead the user with false security alerts, threatening them into buying the program. Like other rogue antiviruses, after producing a list of false threats, it prompts the user to pay to remove them. The software is particularly difficult to remove, since it nests its components in System Restore folders, and also blocks some system management tools. However, SpySheriff can be removed by an experienced user, antivirus software, or by using a rescue disk.
PC Tools, formerly known as WinGuides.com, was a software company acquired by Symantec in 2008; the new owner eventually discontinued the PC Tools name. Company headquarters were in Australia, with offices in Luxembourg, the United States, United Kingdom, Ireland and Ukraine. The company had previously developed and distributed security and optimization software for the Mac OS X and Microsoft Windows platforms.
Norton AntiBot, developed by Symantec, monitored applications for damaging behavior. The application was designed to prevent computers from being hijacked and controlled by hackers. According to Symantec, over 6 million computers have been hijacked, and the majority of users are unaware of their computers being hacked.
ContraVirus is a rogue spyware application that poses as a legitimate anti-spyware program. The application uses a false scanner to force computer users to pay for the removal of non-existent spyware items. It may also be known as ExpertAntivirus.
The Zlob Trojan, identified by some antiviruses as Trojan.Zlob, is a Trojan horse which masquerades as a required video codec in the form of ActiveX. It was first detected in late 2005, but only started gaining attention in mid-2006.
Ultimate Defender is a rogue antivirus program published by Nous-Tech Solutions Ltd. The program is considered malware due to its difficult uninstallation and deceptive operation. It is commonly installed by the Vundo trojan.
VirusHeat is malware that disguises itself as a legitimate anti-virus program. VirusHeat tricks users into buying the full version of the program through repeated false alerts and popups, purporting to alert the user that there is a system error or they are infected, and must buy the full version to remove. It was launched on February 8, 2008.
MS Antivirus is a scareware rogue anti-virus which purports to remove virus infections found on a computer running Microsoft Windows. It attempts to scam the user into purchasing a "full version" of the software. The company and the individuals behind Bakasoftware operated under other different 'company' names, including Innovagest2000, Innovative Marketing Ukraine, Pandora Software, LocusSoftware, etc.
AV Security Suite is a piece of scareware and malware, or more specifically a piece of rogue security software, which poses as a pre-installed virus scanner on a victim's computer system. It is currently known to affect only Microsoft Windows systems, although it may simply operate under a different name on other platforms to better fit in with their user interfaces, as its disguise is a key component of its success. In the task manager, it appears as a string of a random characters that end with "tssd.exe" – an example is yvyvsggtssd.exe. It also can show a random string of characters that end with "shdw.exe".
Winwebsec is a category of malware that targets the users of Windows operating systems and produces fake claims as genuine anti-malware software, then demands payment to provide fixes to fictitious problems.
ByteDefender also known as ByteDefender Security 2010 is a scareware rogue malware application on Windows that masquerades as a legitimate antivirus program. It uses a false system scanner that produces large deposits of malware and it attempts to scare the users to purchase the full version of the rogue software for the removal of nonexistent and/or unnecessary spyware items. The name of this antispyware program is used to confuse the user looking for the legitimate Bitdefender before downloading the software.
