Money is driving the proliferation of badware

by  Alan Zisman (c) 2006 First published in Business in Vancouver June 20-26, 2006; issue 869

High Tech Office column; 


If you’ve ever wondered about why your home or work computer has become infested with adware or spyware, the answer is that it’s about money.

So-called free software and unscrupulous websites are paid to install the stuff in wholesale lots. According to ZDNet anti-spyware blogger Suzi Turner, one affiliate program, GimmyCash!, offers $0.40 per installation of its bundle of programs; another adware marketer, DollarRevenue, pays $0.30 per install.

These deals are not exclusive. Downloading and installing a single piece of software can put multiple bundles of software onto your computer. As well, ActiveX controls can be used to install software when you click on a website popup window. Again, affiliate programs pay the website owner for each installation.

Stopbadware.org, started by researchers from Harvard and Oxford universities with support from Google, Lenovo and Consumer Reports describes itself as a “neighborhood watch” objectively reporting about software programs that spread this sort of junk. They aim to “become a central clearinghouse for research on badware and the bad actors who spread it.”

Stopbadware.org categorizes as “badware” software that uses deceptive installations, is not clearly identified, causes harm to other computers, modifies other software, transmits user data, interferes with computer use and is difficult to fully uninstall.

Less objectionable, in its opinion, is software that may engage in some of these objectionable behaviours only after adequate disclosure to potential users.

Stopbadware.org has started compiling reports about problematic software. Among its list are several programs claiming to improve system performance or security:

WinFixer, as the name suggests, promises to repair Windows systems. Instead, the free version of the program installs a rootkit that repeatedly pops up warnings of non-existent “system threats” until the user pays for the full version.

UnSpyPC claims to remove spyware but identifies real anti-spyware software (such as Microsoft’s Windows Defender) as threats. SpyAxe promises to “detect and remove potentially undesired items.” Instead, the application asks for payment before removing detected items, doesn’t allow the user to close the program and pops again (requesting payment) when the computer is restarted.

Among the other reported badware:

FunCade promises a set of spyware-free games. Its set of card games and mahjong also installs pop-up ads and redirects default browser error pages. A component can install other software without user knowledge. The uninstall routine actually installs other software!

After lawsuits shut down the original Napster music-sharing network, Kazaa became one of the most popular of the next generation of programs, which tried to skirt file-sharing legality but didn’t host music files on its own server. Despite claims that Kazaa is “spyware free,” Stopbadware.org reports that Kazaa comes bundled with seven other packages that install adware, modify Internet Explorer and cannot be easily closed or uninstalled.

Stopbadware.org is soliciting horror stories from users. If you’ve lost control of your computer due to badware, pay it a visit. Despite those horror stories, however, not all downloaded software is badware. While it can be hard to know who to trust online, websites such as download.com and versiontracker.com are repositories for spyware-free software.