Talk:Spyware

From Wikipedia, the free encyclopedia

This article is part of WikiProject Malware, an attempt to better organise information in articles related to Malware. If you would like to participate, you can edit the article attached to this page, or visit the project page, where you can join the project and/or contribute to the discussion.


This article is undergoing a featured article review to ensure that it meets the standards of a featured article. Please add a comment to assist the process and/or be bold and improve the article directly. If the article has been moved from its initial review period to the Featured Article Removal Candidate (FARC) section, you may support or contest its removal.
Featured article star Spyware is a featured article; it (or a previous version of it) has been identified as one of the best articles produced by the Wikipedia community. If you can update or improve it, please do.
Main Page trophy Spyware appeared on Wikipedia's Main Page as Today's featured article on November 12, 2006.
Peer review Spyware has had a peer review by Wikipedia editors which is now archived. It may contain ideas you can use to improve this article.
This article has been selected for Version 0.5 and the next release version of Wikipedia. This Engtech article has been rated FA-Class on the assessment scale.
News This article has been cited as a source by a media outlet. See the 2004 press source article for details.
  • "Tech Tuesday: Stop Spam & Spyware." (January 10, 2005). Yahoo! News. [1].
To-do list for Spyware: edit · history · watch · refresh

To-do list

  • Add fair use rationales to all of the fair use images used in this article
  • Review User consent & legality section, citing any recent cases we can find involving spyware distributors
  • Review related categories Category:Spyware and Category:Spyware removal
  • Solicit improvement on WP:IDRIVE
  • Make a wiki site on Spyware and Other Malicious Programs -- 12.220.244.143
    • This latter one does not fit with the mission of Wikipedia; maybe it would work for a Wikibook, but not here on Wikipedia. -- LGagnon 02:32, September 5, 2005 (UTC)

Recurring problems

  • Insertion of spam links
  • Insertion of unsourced claim of non-Windows spyware (this will cease to be a "problem" if non-Windows spyware is observed and documented!)
  • Alteration of lead paragraph from "Spyware is thus-and-so" to "'Spyware' is a term that means thus-and-so" -- Wikipedia:Wikipedia is not a dictionary, and this article is about spyware, not about the word "spyware".
  • Recommendations and didactic content -- "People should do this" -- Wikipedia is not a how-to guide or list of recommendations

Contents

[edit] Reviews

Obviously, we all know what the best software is, but is it worth writing something objective about antispyware solutions and linking to a number of reviews? Could be helpful... Elliott C. Bäck 05:47, 5 May 2005 (UTC)

[edit] Spam Cleanup

There used to be a huge list of links on the main page, most of which went to pages that were either spammy or pushing some sketchy products--I've cleaned up the links so that at least all of them are somewhat relevent. If I missed something, let me know...

You removed links to several Wikipedia articles on spyware removal programs. I recommend returning those links. -- LGagnon 17:20, May 2, 2005 (UTC)
Can you state which in particular you find relevant, non-spammy, and non-redundant? Elliott C. Bäck 18:32, 2 May 2005 (UTC)
At the very least, Ad-aware and Spybot should be mentioned in the article. They are the top 2 anti-spyware programs, so it would be best to at least mention this in the article. Other notable ones (MS's new program will likely be important over time) should be given at least a small mention. That isn't to say that all need to be mentioned (the rest can just be added to Category:Spyware removal), of course. -- LGagnon 20:04, May 2, 2005 (UTC)
Oh. Those aren't mentioned in the article, but I didn't change the article. They're still in the external links, though, of course. Feel free to mention them in the article...


I've not used wiki's for long, all of what I state here is strictly "IMO".

[edit] Topics

Topics:

What is spyware?
How does spyware get on your computer?
Who makes spyware and why is it on my computer?
How do I fix it? spyware removal
Can I uninstall just the spyware?
What legal obligations might I have if I uninstall spyware?
Spyware in the news
How do I prevent it?
Where can spyware hide?
Why is it not in add/remove programs?
Can I just delete files I think are spyware? (gasp, dirty winsocks in my system32 folder!)
Why is it hard to remove?
Why does it make my computer unstable?
Why doesn't my antivirus program prevent it?
Why doesn't my firewall stop it?
But I download games, play mp3's, get cheat codes, download cracks, and visit all the COOL sites!

The above is an excellent list of topics. But their coverage is totally inadequate. For example it is important to discuss the intent of the spyware which could be very malicious to damage the computers of total strangers or to erase the files contained in them through introduction of executable files or to profit from the information by interrupting the computer sessions of their owners with the ads of the clients of the spyware or of the clients of the spywares themselves. These interruptions of the sessions of the computer owners are called Pop-ups. Obviously malicious spying would include intents of identity thefts or of sexual fulfillments.

The list of the makers of the spyware is totally inadequate. It should include all the companies included in another section of Wikipedia under Technology -Computers - Adserving. Inspite of the denials of those companies they listed as Adwares all over the internet search engine listing. It does not do Wikipedia creditability any good to believe in the denials of those companies including Zedo.

The spyware software is designed so that it gets installed by remote control immediately upon being deleted. The spywares have a list of the IP Addresses and after it gets the IP Addresses it will never let go of the hold it has on the computers.

Brendan discussed below what can happen if the spyware is removed. This is because many of the spyware removal programs themselves are adwares and they leave their own marks when they remove the known spyware. The dedicated spyware programs such as Lavasoft (Ad-aware SE) did not exist when the list of spyware removal was prepared. Spyware Nuker itself is an adware. It instals itself on to the computers without their permission.

You'll have to be very persistent to removal some spywares like Zedo and look2Me if you want them out of your system. I run Lavasoft on my computers every two or three days and find them back every time.

The above points must be discussed in the spyware section and in Ad serving section of WIKIPEDIA.
----fakir005 14:22, 14 November, 2006 (UTC)

I've seen documented issues ad-aware, and spybot destroy internet connectivity to the point, where a normal ISP can only send them to their OEM for help. It's a good idea to stress what should happen, and what can happen.

Ad-Aware and Spybot used to destroy LSP files when certain spyware was removed. For the most part I think the issues have been removed. If not, the program LSPFix can usually take care of the problem. Maybe something about LSPFix can be added to the article?

Brendan 16:39, 5 Aug 2004 (UTC)

It should also tone down the "big brother" aspect of the goverment means, because most people experience spyware as a big nuisence (sp?).

Thanks, Scott Edwards - daxal.com

Anything downloaded "free" from the internet must be assumed to have "spyware," in the form of adware attached to it, especially all the cool stuff. Software has to be paid for somehow. If it isn't paid for by subscription, then it's paid for with advertising. My teenage daughter downloaded so much stuff jammed with adware that it caused my entire system to lockup and cost almost US$500 to repair. Kazaa was the absolute worst. We bought Kazaa Lite so she could play her mp3 files, subscribed to Pest Patrol and regularly scan the system for unwanted programs.

Basically, you got screwed. Lots of free software doesn't have spyware. See the article Open Source. And you paid for a scam when you bought Kazaa Lite, that program is free.

Brendan 16:39, 5 Aug 2004 (UTC)

I cannot speak too highly of Pest Patrol. Its website[2] will scan your system for free and provide instructions on how to remove whatever spyware is found, if any. Otherwise, for about US$40 you can download its removal program. The fee licenses the program to the user for one year. In addition, the Pest Patrol website has a very informative encyclopedia of pests which is updated continually. The US$40 has been money very well spent. I've removed at least 200 pests from my system since I downloaded it in June 2004. --Maryevelyn 00:54, 5 Aug 2004 (UTC)

Here is my expierence with SpyWareNuker:

I purchased SpyWareNuker on 5/21/2003

On 3/22/2005 SpyWareNuker found some SpyWare and when I said remove it the SpyWareNuker deleted ALL my VCom files.

Since then their tech support has been giving me bad instructions about resolving this.

I have now had to reinstall VCom SystemSuite5 four times because SpyWareNuker keeps deleting the files.

I have ALL the emails between myself and their tech support

I have been in computers since 1956 and have a very extensive background both in software and hardware. My picture was even in Business week and I was a VP with 7 Computer Companies.

Here is my background: http://www.dowebpages.com/work

Can you believe that in their last email they said in part, "The images you have sent are all from different programs which leads us to believe that you are not sure what program you are using."

[edit] Vodoo Definitions

Whoops! I wrote this based on my misunderstanding of a sentence in the article. Obviously its too late for me to be editing Wiki. I may rephrase that sentence so no one else is confused by it.

Brendan 02:15, 19 Aug 2004 (UTC)

Can anyone verify that all the links to spyware-removal sites are genuine? As it so rightly says in the article, many sites claming to offer anti-spyware software are just using a clever means to install their own. www.freespywareremoval.info, for example, looks like a very helpful site, but I'm hesitant about using it before someone can confirm that it's genuine. I'm interested to know what such sites have to gain by handing out this free software. It seems like no one gives software out for free on the internet without some vested interest. Does anyone have any answers?

This this one here http://www.lavasoftusa.com/ direct download in http://downloads.foruns.org/?id=30 www.freespywareremoval.info looks clean to me!

[edit] Tracking cookies?

A free spyware remover I've just installed tells me it guards against 'tracking cookies'. What are these, how do they work?

Tracking cookies are used by advertisers to store information about you based upon the sites you visit (and download their adverts from). A privacy rather than a security breach. Maybe an article should be created on other "dangers of the web" and remedies. Tracking cookies can mostly be prevented by not allowing third party cookies from websites. (This is an option in IE and Firefox IIRC).

[edit] About section: A solution

Hi, Ferkelparade. About your contrib "Revision as of 11:31, 14 Feb 2005 rv rather incoherent POV". This is not nearly enough a justification. What is incoherent ? And what is POV ? You have to do your homework befor revert. Note as well a POV section is seldom to be deleted but rewriten.

Now about the actual content of my contrib here. The point in spyware is mostly human factor. Who will deny that ? And the most efficient solution is... human factor. Educate, understand, think: and off the spyware! Correct or not?

I think you may have rved hastily because of anon. Nontheless, there is a point here. If it's POV: rewrite as you think best. Beyond your freedom, that's your duty.

Bye bye

Anon - 213.190.129.19 09:33, 17 Feb 2005 (UTC)

[edit] Removal of Enigma's Links under "Prevention" heading

Although Enigma's software is no longer classified as "rogue/suspect" (Spyware Warrior - Rogue/Suspect Anti-Spyware) it is still not recommended as a solution. To quote, "Given the many excellent competing anti-spyware applications that are available (some for free), users would do better looking elsewhere for trustworthy anti-spyware protection." From personal experience and testing of their products, I would have to agree. --Kyrin\talk 17:55, 2005 Apr 5 (UTC)

Have you tried Adware Alert http://sahosted.com/spyware/index.html

It's on the Rogue Antispyware list. RainR 02:17, 21 Jun 2005 (UTC)

[edit] mentioned in newspaper

Just FYI, this article was mentioned in a San Fransico Chronicle article about spyware today. go wikipedia! YggdrasilsRoot 7 July 2005 14:25 (UTC)

[edit] Let's make this featured

I'd like to see this become a featured article. It's a topic of substantial importance to the majority of people who visit Wikipedia. It has been a remarkably stable and uncontroversial article. It's even been cited in mainstream media. With the gracious contribution of screenshots by User:Incognito and User:StevePR I think we have a shot at featured status. Here are a few things that concern me, though:

I'm not sure if we should list "known spyware" programs -- at least, not so predominantly. We can't expect to keep such a list up to date, and there are much better lists out there on the Web than we can maintain here. We do have a Category:Spyware in which the Wikipedia articles for various pieces of spyware are already listed, so it's not as if we'd be without a list of Wikipedia articles about spyware.

It would seem more useful to have detailed descriptions of a few typical pieces of spyware -- the ways they get on a system, their effects, the nature of the firms or attackers who control them, and so on. We need to avoid original research here, though: even if you're a security technician (as I am) it's probably not enough to just fill in details about the latest spyware you cleaned off a system. Citations are a plus.

More screenshots or images would always be great. Particularly if anyone has, or feels like making, (freely licensed!) screenshots of particular pieces of spyware in action.

Currently we've got a template box at the bottom of the article about "forms of software distribution". I'm not sure what that's doing here -- it was here when I came to this article, so I've avoided deleting it. Spyware doesn't seem to be to be a "form of software distribution" any more than viruses or worms are. The template box seems a little ... curious ... anyway, since it lists "vaporware" which is precisely not a form of software distribution.

Thoughts? What else does this article need before it gets submitted to WP:FAC? --FOo 7 July 2005 23:36 (UTC)

I'd also like to see this article become a FA. We'll need to work on it a bit more before nominating it, though. The lack of a References section is a serious problem, as there's no way it can be a FA without one (and I highly recommend using citations for specific parts of the article, as it really strengthens the article's integrity). We should go through the External links section (which seems a bit big for an article with no References section) and see what we can move into the References section. -- LGagnon 19:45, July 10, 2005 (UTC)
Good point. I've done a little of this now. --FOo 21:02, 10 July 2005 (UTC)
Could we get more news articles in there? I've moved one in from External links, but I'm sure we can get a lot more. It's best to have more reputable sources added to the References section so it looks more reliable (and you shouldn't have trouble finding some). Also, since you are a security technician, you may have some books that mention info on the subject, so if you do you could use them as well. Also, let's try to get these things cited with the ref/note scheme. For instance, the article for Chuck Palahniuk (which I worked on) is heavily cited in this method, making it very sturdy and unquestionably well researched. This I find to be the best way to insure that an article stands a fighting chance of becoming a FA. -- LGagnon 22:02, July 10, 2005 (UTC)
Let's also move some of the external links scattered throughout the article to the reference section and replace their previous position with citations. Again, this is a highly recommended way of strengthening the article. -- LGagnon 22:13, July 10, 2005 (UTC)

There are many websites linked in this article that only repeat info from other, more reliable sites that are have been added as references already. Additionally, a Google search is linked, which isn't usable as a reference. I'm going remove many of these links to make the article a bit cleaner. -- LGagnon 00:38, July 11, 2005 (UTC)

Check that Google search again, and please consider putting it back in as a direct link rather than a reference, then. The purpose of that search (for the name of the "Marketscore" spyware in *.edu sites) was to illustrate the prevalence of blocking this particular spyware in educational sites. --FOo 02:04, 11 July 2005 (UTC)

[edit] References and Research

Let's not move references (especially ones that are cited) to the Research section. We only need one References section, after all, and moving them around makes for a confusing and unorganized article. -- LGagnon 01:03, July 11, 2005 (UTC)

Someone has been adding references with citations links but the citation goes nowhere within the article (specifically, Hardmeier, Sandi, Healan, Mike, and Stevenson, Larry). Can someone actually cite these references properly? Also, can we add citations for references that were added without them? -- LGagnon 01:07, July 11, 2005 (UTC)

I wasn't sure where to put this, but I'd have to take issue with the following sentence: "When Microsoft Windows users seek technical support — whether from computer manufacturers, Internet service providers, or other sources, spyware infection emerges as the most common cause. [citation needed]" I have no citation to prove otherwise, but I work at Road Runner's National Help Desk, and at most 5% of the calls I get are spyware related. Just asking the 10 or so people around me, they range from 2%-3% up to 10%. -Jordan 3:25, June 06, 2006 UTC

  • I was going to move the said sentence below until a reliable citation could be provided, although looking at the context of it in the paragraph, the whole paragraph could do with a revision.

When Microsoft Windows users seek [[technical support]] — whether from computer manufacturers, Internet service providers, or other sources, spyware infection emerges as the most common cause. {{citation needed}} In many cases, the user has no awareness of spyware and assumes that the system performance, stability, and/or connectivity issues relate to hardware, to Microsoft Windows installation problems, or to a virus. Some owners of badly infected systems resort to buying an entire new computer system because the existing system "has become too slow." Badly infected systems may require a clean reinstall of all their software in order to restore the system to working order. This can become a time-consuming task, even for experienced users.

  • In my experience, spyware is one of the reasons for computer slowdown and a contributing factor to computer problems on computers that don't have sufficient protection - firewall, antivirus (with updated definition files), antispyware (non-rogue with updated definition files), etc. - although other reasons such as computer viruses, trojans, incorrectly configured internet connections, problems with routers, fragmentation, failing hardware such as hard-disks, driver conflicts (and things that might be fixed by updating motherboard, graphics, sound card, and other hardware drivers), problems with software not installing/uninstalling correctly - examples I can think of are ZoneAlarm (internet connection problems after uninstalling) and Norton AntiVirus (see SymNRT) - as well as other problems which I can't think of off the top of my head. I don't see a problem with the last 2 sentences of the paragraph Badly infected systems may require a clean reinstall of all their software in order to restore the system to working order. This can become a time-consuming task, even for experienced users. as that is something I sometimes have to do with systems that are too infected - not just by spyware, but with rootkits, trojans, adware, viruses, and the like. TheJC TalkContributions 05:39, 7 June 2006 (UTC)

[edit] CastleCops

There are a lot of links to castlecops.com that do not serve as a reference for this article yet are scattered all over the article. I suspect this as being link spam and I am going to start removing these links unless someone can give a good reason for there being so many of them. -- LGagnon 01:25, July 11, 2005 (UTC)

Agreed. These appear to have been added by User:Zhen-Xjell who just showed up recently and started throwing links to the Castlecops site on a number of articles. --FOo 02:07, 11 July 2005 (UTC)

I've just found out that Zhen-Xjell works for CastleCops. I'm deleting his link spam. -- LGagnon 02:11, July 11, 2005 (UTC)

I don't make any attempt to hide that information, however as I have previously said, the information I provided (much to CC, but also to other sites such as Sunbelt, Microsoft and Spywareinfo) is useful information. As I said elsewhere, I made a research section in the spyware article with links to database lists that cover startups, services, LSPs, process lists, spyware/adware, etc. Just what is the aim of the article if such information is disgarded simply because I posted it?--Paul Laudanski 02:01, 12 July 2005 (UTC)
As I mentioned in your talk page, you add them without reason (do they give info that other links don't provide?). And if there is so much useful info on the site that you can find multiple instances of useful info, yet you won't use it for actual, citable references (which you did try, but you put a citation on it that lead to nowhere within the article, making it look very suspect), then you should only give a link to the main page of the website. Otherwise, multiple links to a website without justification is link spam. -- LGagnon 02:12, July 12, 2005 (UTC)
I am still a 'newbie' when it comes to Wiki code, and wasn't sure what that was so I copied/pasted what was already there. Of course I now know. As to the practical question of what is WP permissible, I have made a reply in Wikipedia:Votes for deletion/CastleCops.--Paul Laudanski 03:17, 12 July 2005 (UTC)
(do they give info that other links don't provide?) said by User:LGagnon. I apologize for not answering this one sooner. Most of the CC links I added contain information that otherwise cannot be found elsewhere. For instance, the CLSID link (O2/O3) and the other links under the Research section have their master copies (and thus either sole instance or most current) at CC. Notable examples are the O18s and O20s. I thought it was pertinent to include CC in the list of Communities since we do have (at the moment) 143,529 registered users (with a large volunteer staff dedicated to security, privacy, and spyware matters). This is why I had created a Research section and moved the Process Library link there as they have a vast database of processes. Until today, I was unaware they even had a forum community. I hope this answers any questions. --Paul Laudanski 04:43, 12 July 2005 (UTC)
I just rechecked the article and it was the citations I removed, not the links themselves. If you want to add citations for those somewhere in the article where it would be useful, then that would be helpful. Anyways, the reason I said they looked suspect is because it seemed as if you were passing them off as actual citations (assuming you had noticed the tons of citations spread throughout the articled). I had assumed the reason for the citations was obvious from how I was handling them in my edits. As for your website, you can add a link to it in the External links section, but only one that links to the main page of the site. Various links to a site are usually only done when articles from the site are being used as cited references. If you'd like to use articles from your site as references for info in the article already (try not to use it for already cited text, though), or for new info you'd like to add, that will be fine so long as proper citations are used. -- LGagnon 06:00, July 12, 2005 (UTC)
Thank you for the informative reply. I can understand now why my ignorance as a new comer has caused confusion. It certainly was not my intent to do any harm, rather to do good. As a reference point [3] so that I understand, would the addition of Larry Stevenson's article on Spyware and EULA Hooping [4] be OK to reinclude along with the entries I added from Sandi Hardmeier and Mike Healan (Spyware#References)? I have more links on this topic available from other noteable experts on Spyware I would certainly love to add. On the topic of re-adding my site to the Spyware#Communities, would it be appropriate then to include a text description stating several database research lists are available? I'll try it out now, so please let me know.--Paul Laudanski 06:37, 12 July 2005 (UTC)
Yes, you may re-enter your site in the Communities section with a short text description. That's perfectly fine, so long as it's only one link. As for any specific articles, we shouldn't clutter the References section with uncited references at this point, as that will only fill it up with explained references that we don't have a need for. If you can cite a piece of text in the article that it is usable as a reference for (or if you can add new, useful information that it can be cited for), then it'll be ok. Let's try to add more references than External links, though; the EL section doesn't really need to be filled up that much more, while the References section is always open to more (that is, so long as it is reasonable and citable). -- LGagnon 18:29, July 12, 2005 (UTC)
Understood. Have you checked my entry? I had last night linked to the article CastleCops followed by the external link to the homepage. As to more references, I'll ponder thru it and see what else I can add of value.--Paul Laudanski 19:44, 12 July 2005 (UTC)

[edit] MSN Messenger

Listed under "Known programs bundling malware" is MSN Messenger.

However, there is nothing on the MSN Messenger Wikipedia page that mentions any malware.

Would it be an idea to add a quick note in this article mentioning what kinds of malware are bundled with each of the "Known Programs"?

(Posted by MinstrelOfC: Note that I am not logged in due to technical issues)

66.82.9.43 01:43, 12 July 2005 (UTC)

That section seems like a bad idea to me -- if nothing else, it will be very difficult to maintain in an even-handed way. Perhaps it should simply go. If people working on articles for particular software products wish to place them in Category:Spyware, they can do that, after all. --FOo 02:14, 12 July 2005 (UTC)
I think that it can be maintained for at least programs that we have articles for; that'll reduce the amounto of work needed for it. I suggest renaming the section "Notable programs bundling malware". As for MSN Messenger, that seems like a suspect entry. I'll remove it until someone can verify it. -- LGagnon 02:46, July 12, 2005 (UTC)
Many of the programs listed in the section no longer contain any malware/spyware. Is the list intended for historical purposes, or current warnings? If it's for current warnings, the programs that have cleaned up their act should be delisted. If it's for historical purposes, then I think something other than a list (perhaps detailed explanations of what was included, why it was bad, etc..) should be added. Kynes 03:18, July 13, 2005 (UTC)
We aren't in the business of maintaining a "blacklist" of software that comes with spyware. This is exactly why the list seems like a bad idea to me -- making a bulleted list of programs with spyware is going to come across to many readers as a piece of advice: Don't use these programs; they're bad. And Wikipedia is not in the business of giving advice.
However, when & if we do mention that a particular popular program has shipped with spyware, I don't think we'd be justified in deleting that fact just because the latest version has come clean. After all, we don't say that Jesse James isn't a thief just because he isn't stealing any more. Many articles about software, such as Sendmail and Internet Explorer, deal with the security history of those programs -- frequently despite the vendors' wish that we would all forget old buggy versions as "ancient history". Well, history is part of what encyclopedias do; and that's what Wikipedia is.
All in all, I'd be most comfortable with this if we integrated the names of programs that have been well-known or infamous for shipping with spyware, into the paragraphs that discuss that phenomenon. That way we can make it clear that they are being named only as examples, rather than as a blacklist; that it doesn't matter whether they're still shipping with it but rather that they were well-known for doing so; and that we're not interested in trying (hopelessly!) to maintain an exhaustive list. --FOo 04:48, 13 July 2005 (UTC)
That sounds like a good idea, FOo. I particularly like the idea to put the names in existing paragraphs, rather than a ominous-looking/sounding list. Within paragraphs, it's much easier to describe actually what spyware was contained (and why the programs as well-known or infamous). As a list, it does sound a bit too much like a warning. Perhaps some names would fit better into the 'routes of infection' and/or 'user consent and legality' sections. As far as keeping cleaned-up-programs, I agree with you, so long as the names move to an become more of a historic example rather than the black-listing-looking-list. Kynes 14:36, July 13, 2005 (UTC)
Maybe we could make a section about the history of spyware that is shipped with programs? -- LGagnon 20:09, July 13, 2005 (UTC)
A history of spyware shipped with programs section sounds like a very good idea. Kynes 16:18, July 14, 2005 (UTC)
I added references for the ones I could find good references for. If we can't find a good reference for a program, we shouldn't list it. That will help prevent hoax entries. -- RainR 09:18, 27 July 2005 (UTC)
I still think the in the list, the bad outweighs the good. Some of them should be discussed in the article, sure. 1. Some of them, like Downloader Accelerator Pro are debatable. (If there was an article for them, we could link to an article that discusses both sides) 2. Some of them I couldn't find any references for. They are either hoaxes or extremely non-notable. 2a. Some of them really deserve multiple references, but that can't be done in a general spyware page. 3. It'll keep collecting useless entries as people add their misconceptions and hoax entries. 4. It's all over the place, for instance AOL Instant Messenger is listed for bundling WildTangent, which is also listed in its own entry(and is itself debatable whether it's spyware). The title of the list is "Notable programs distributed with spyware" and lists "Gator", but I don't know of any actual program distributed that was called "Gator". --RainR 11:39, 13 October 2005 (UTC)

[edit] Spyware.png

Image:Spyware.png
Spyware can overwhelm a computer, making it difficult and tedious to use. In this screenshot, Internet Explorer from Windows XP is covered in toolbars, some from spyware and some not. The purple ape is the mascot of the Bonzi Buddy spyware.

That is a very good image to show spyware, but not all theose toolbars are spyware. The Alexa Toolbar and Ask.com Toolbar are the ones I notice. I don't really have any sugestions, I just felt like pointing that out.--The Computer Mutt 20:15, July 12, 2005 (UTC)

Alexa is flagged by Ad-Aware, so it's at least thought of as spyware by some sources, though I understand that many folks find it useful. I can't speak to the others. --FOo 21:15, 12 July 2005 (UTC)
The Desktop.com toolbar, depicted in the image is also not Spyware. See my conversation with FOo. I believe this image should be removed until it can be replaced with an image that does not contain non-Spyware products. --Wksears 20:35, 13 July 2005 (UTC)
I'm slowly coming around to agreeing with you. A lot of the toolbars in that image are ones that people do install for themselves and aren't usually associated with spyware -- for instance the Google and Yahoo! toolbars. I'm writing to Ben Edelman to see if he'll allow us to use some of the screenshots from his Web site. In the meantime, I've moved the image reference here to the talk page. --FOo 00:36, 14 July 2005 (UTC)
I believe a more appropriate name for the image is Toolbarware.png. Internet Explorer browser toolbar software is a different subject, which may merit an article of its own. Note, however, that depending on who you ask, a number of the toolbars pictured that have been characterized in the discussion so far as non-spyware have been considered spyware or at least borderline, not by many, but by a few people online, at least. The Alexa toolbar certainly has, just try a google search for "Alexa spyware", and the Google toolbar is considered by some, perhaps a negligible number of people to be on the borderline.
Spyware makers are starting to learn that it actually hurts them when people start recognizing that their product actually is spyware, see here. So the typical marketing pitch is "It's not spyware", when in fact it is. That makes it really hard to evaluate in a neutral way, which of the toolbars are actually spyware, so it doesn't seem best to represent them as universally recognized as spyware... only at most as examples of what kind of software that components some computer users consider spyware are typically bundled with. And toolbars are a good example, but fairly narrow of a category (compared to the broad selection of software with bundled spyware): Kazaa or Gator might be better examples, but of-course they say KaZaa's not spyware, and Claria also spins a distinction between adware and spyware.
Merely having some clauses in a EULA presented at installation and/or the documentation describing a program's tracking activities does not make it non-spyware.
This is the problem that arises when using just a few vague names to categorize software... namely, what the names imply and what the names mean to different people bounces around too much: end users think in broad terms, but marketing product vendors want the world's definition of spyware to be as narrow as possible, to ensure their product doesn't fit any severe category; it is easier to give a positive spin on the name adware, of course, and it would be nice if the name spyware were reserved for truly the worst cases, but in practice, it's not... --Mysidia 22:02, 27 July 2005 (UTC)
I couldn't agree with you more! The world hasn't given us a clear and accepted list of criteria by which to distinguish spyware from other things. I don't believe there's a fixed and definitive border between spyware and legitimate advertising-supported software (on the one hand), nor between spyware and clear-cut computer crime or viruses on the other. (I have personally seen a worm outbreak install advertising pop-ups on computers, yes.)
Various interests have proposed definitions of "spyware", usually ones that are intended to justify their own behavior. This is not unusual in the slightest! As a parallel, there's a saying in the anti-spam community: "spammers try to define 'spam' as 'that which we do not do'." That is, many of the parties who contribute to the public discourse about spam -- e.g. Microsoft and Yahoo -- are in part responsible for the problem, but try to define the terms so that their responsibility is not spoken about. Corporate spammers love it when people associate spam with fly-by-night porn sites and the Russian Mafia, because it makes it easier for people to believe that Microsoft List Builder (formerly bCentral) is anything other than a spam-for-hire operation.
That said, we (as Wikipedia editors) aren't here to provide a clear-cut definition of "spyware" either. One of the things I've tried to do here is to instead discuss many of the various behaviors that people associate with spyware, rather than pretending to set up rules for what is and isn't spyware. A corollary of that is that we have quite little ground to stand on in arguing that any particular piece of software is (or isn't) spyware. For instance, we can say that Alexa Toolbar is removed by some anti-spyware programs, but that many people choose to install it. Google Toolbar, to my knowledge, is not removed by anti-spyware programs ... although even if it were, sometimes that wouldn't be definitive: if Microsoft (a competitor to Google) chooses to call Google's work spyware, should we believe them?
Because we have little ground to stand on in claiming that something is spyware, in dealing with this image and the Desktop.com programmer who criticized our use of it, I chose to err on the side of caution. I suggest this is a good policy for this article: if someone can present a reasonable argument that something isn't spyware, and is straightforward and honest rather than (e.g.) threatening us or trying to browbeat us with marketing feces-talk, we should avoid calling that particular thing spyware unless we have an equally credible expert opinion otherwise. (If Edelman says it's spyware, it's spyware.) --FOo 00:19, 28 July 2005 (UTC)
By this line you should remove alexa all together from this page. As putting it in there is akin to the "when did you stop beating your wife" type question. While there are many sites that call alexa spyware, almost all of them are spyware removal tools and have a vested interest in advertising a spyware "epidemic". Alexa A) isn't bundled, and never was B) has always been up front about information it receives C) uses standard windows unistall procedures (Add-Remove Programs) D) collects the same data as many other toolbars that you have not listed in the same paragraph. --User:Mushmouth 19 Jan 2006


[edit] Text of my e-mail to Ben Edelman

Subject: Wikipedia article on Spyware

Mr. Edelman --

I and a number of other folks have been working recently on the article "Spyware" for Wikipedia, the open-source encyclopedia. Your Web site and your research have been massively useful in researching this subject -- particularly with regard to the disparity between the "consent" that spyware makers claim, and the fact of their installation of spyware by way of drive-by download.

Recently, I've been looking for images to illustrate the article -- most particularly, screenshots of computers infested with spyware. Wikipedia requires that images be freely redistributable -- so I'm wondering if you would be willing to permit us to use and redistribute some of the screenshots from your Web site?

The article we're working on is here:

       http://en.wikipedia.org/wiki/Spyware

Naturally, we would love it if you, as a researcher in the field, had any suggestions or improvements to make on this article.

Thank you for your consideration!

(signature)

--FOo 00:41, 14 July 2005 (UTC)

[edit] Ben Edelman's response

It's great to hear from you. I'm a big fan of Wikipedia and of all who contribute their effort to this important effort.

I'm happy permit my screenshots to be used in Wikipedia. Can you confirm that the images will be attributed to their source, consistent with <http://en.wikipedia.org/wiki/Wikipedia:Image_use_policy>? Reviewing that policy, it seems that I'll need to license the images at issue under the GFDL. That should be fine -- perhaps you can let me know which images are at issue, so I can make sure I know what I'm licensing!

Ben

[edit] New spyware screenshots

These screenshots have been made available by Ben Edelman to illustrate this article. They are all from his Web site at http://www.benedelman.org/spyware/. He has licensed them all under the GFDL. Please see the image descriptions for the original URLs of the images. --FOo 18:55, 14 July 2005 (UTC)

Anyone have any opinions as to which of these would be best to illustrate the introduction? --FOo 18:55, 14 July 2005 (UTC)

They're nice, but I think that they count as fair use, not GFDL. After all, Edelman does not own the copyright to Windows, IE, or BearShare. Then again, I'm not entirely sure how copyright works for sceenshots. Either way, we're not likely to get a 100% GFDL screenshot for this article (don't know of any OSS programs effected by spyware, and don't know of any OSS spyware), but a fair use ones should be perfectly fine. -- LGagnon 02:58, July 15, 2005 (UTC)
Hm. You have a point. Edelman's work in composing the screenshot and making the files still merits some status under copyright, I suspect. Anyway, we have his OK on using them, which I think is important since they're copied directly from his site. --FOo 03:07, 15 July 2005 (UTC)
They all include miniature versions of images made by the companies.. whether the art used in Internet explorer dialog boxes or the Logo used by the company who made the software he took a screenshot of.. In a way, the image in the upper left seems most illustrative, because it pictures the kind of browser prank that the worst spyware has been known to pull (getting the user to install with a quick "Yes" click, without realizing they are downloading and running an application)... --Mysidia 04:37, 28 July 2005 (UTC)

[edit] Spyware Cleaners

The ones currently listed are worthy of mention, but there are others which I feel ought to be included. I know WP is not a link farm, but this is an article on Spyware.--Paul Laudanski 19:02, 27 July 2005 (UTC)

[edit] Trimming unneeded links

The External links section needs to be reviewed and have unneeded links removed from it. The section is a bit big as it is, and we shouldn't have links that merely give the same info as the others just for the sake of including them (no link farming, remember). Also, unless someone plans on citing the uncited references in the References section, I suggest removing them, as they currently add nothing to the article. That section is quite big too, which is not a problem, but it shouldn't become a link farm either; at this point, if a reference doesn't relate to anything specific in the article, it's best not to have it there doing nothing. -- LGagnon 21:56, August 1, 2005 (UTC)

I disagree. First the article has already undergone peer review and no one has made mention of the external links section as being an issue. The links that are there now I believe are not enough -- especially the portion that links to spyware cleaners. The links provided in the article are those who are fighting spyware everyday, and granted this is a spyware article, how can it exist without those folks? --Paul Laudanski 23:19, 1 August 2005 (UTC)
I did mention the issue in peer review, though probably not as explicitly as I did above. Even if I didn't mention it, that is besides the point; legitamite issues that are brought up after peer review still need to be dealt with. Like I've said, Wikipedia is not a link farm; we are not here to give shoutouts to people and/or websites that know about the subject just for the sake of mentioning them. We only need references for sites that improve the article, not ones that are simply on the subject matter. At the same time, we only need links in the External links section that provide info that niether the article nor another link in the article provides; in the former case, we should strive to not need to include them, as Wikipedia should be as self-sufficient as possible (thus, the latter case really needs to be taken into account). -- LGagnon 23:41, August 1, 2005 (UTC)
I have to agree with LGagnon. We have categories to provide connection between this article and other articles on similar topics. Almost all of the anti-spyware programs, for instance, have their own Wikipedia articles, and are in a relevant category, Category:Spyware removal.
So perhaps we should simply refer readers to this category rather than listing anti-spyware software on this article. I've tried that out on the article -- see how it looks. Should we do this for the other sections of external links, and pare out the links that don't really inform the article? If it's terrible, go ahead and revert me. :) --FOo 04:32, 2 August 2005 (UTC)
I'm a pretty informed guy, and look how I came into WP. There were lots of things I didn't know, and still don't about WP. However, the spyware article is not for experts, as such, users who come to it may indeed be new. Having that information right at the bottom is going to be highly helpful for them. Removing it may create more issues that its worth. You keep talking about "link farms" User:LGagnon and giving shout outs to other sites. It isn't about that at all, it is about getting the data out to the user community so they can reap the immediate benefits.--Paul Laudanski 14:26, 2 August 2005 (UTC)
I understand what you're getting at, Paul. I hope you see what LGagnon is saying, too. It's easy for a Wikipedia article on a popular topic to get overwhelmed by external links. We aren't Yahoo or Dmoz -- external links are supposed to be a distant third behind content and references here. And one of the bigger problems of a large external-links section is that it invites people to add more and more links of tangential relevance.
As it stands, many of the external links provide the same information that is provided in cited references. Some provide rather less information than is already in the text of the article. (The virusspy.com link is one example.) We also do not need a half dozen "guides" that tell users, "Run an anti-spyware program in safe mode, then install Firefox."
Also, on this particular topic, any external link to an ad-supported site needs to come under additional scrutiny, because of the chance that it's been planted to direct advertisement revenue to the site operator. Many people have added links to sites that mislead the reader into thinking that s/he needs to buy a particular commercial anti-spyware program -- usually, not one of the reputable ones. This is one of the perils of treating external links as a big part of the article. --FOo 15:44, 2 August 2005 (UTC)
You bring up some excellent keywords such as DMOZ. How about then linking to a couple directories out there (incl Google and Yahoo), while also tacking on the Categories as mentioned above? --Paul Laudanski 16:32, 2 August 2005 (UTC)
I added a directory section with dmoz and yahoo directories. Google uses the same directory as dmoz so I didn't include it.--Sbluen 16:00, 8 May 2006 (UTC)

[edit] On Real Time Protection

User:Fubar_Obfusco added in SpywareBlaster for real time protection. There are a bunch of applications which are left out. Last night we launched a new survey on just this very topic. We have many -- but not all -- active protection applications listed here. SpywareGuard is the active protection from Javacool. For instance, Script Sentry has been long in the game, very long, but no one ever mentions it. This isn't to say SpywareBlaster shouldn't be referenced (I know JC), but I think for encyclopedic value the history of active protection in general has to be considered. --Paul Laudanski 23:11, 2 August 2005 (UTC)

I agree! Feel free to modify the article text -- this is, after all, Wikipedia! I notice that the top five apps on your survey are Ad-Aware, Windows AntiSpyware, Spybot S&D, Spysweeper, and "Other", but that the sample size is pretty small (58). I've never used Spysweeper -- I don't personally run Windows, and my workplace uses Ad-Aware, Windows AntiSpyware, and Spybot S&D -- but it certainly seems to deserve a mention.
I added SpywareBlaster specifically because I'd heard it referred to as being unusual in that it was a "spyware blocker" (i.e. real-time protection) before the other well-known ones were. That is, Javacool recognized a need for real-time protection and had a product that did it before the others did. If there's an earlier "blocker"/"real-time" anti-spyware program that's still likely to be recognized, it should probably be noted instead. I can't speak to the distinction between what it does and what Spyware Guard does, and the Javacool Web site doesn't seem to say specifically. Can you elaborate on that distinction?
The article might also benefit from more (cited!) information about the strengths and weaknesses of these programs. If we end up with lots of information we might need to shell off an article Anti-spyware software (currently a redirect back here), but for now I don't think we're too overwhelmed here. --FOo 00:15, 3 August 2005 (UTC)
The sample size for that survey is small since it went live just under 24 hours ago. There is another antispyware survey of which you may find of interest with over 10,000 pollsters: Which anti-spyware cleaner is the best?. Let me get back to you on the rest as we're getting close to dinner. :D --Paul Laudanski 01:39, 3 August 2005 (UTC)
As the individual who screeded the list used in this survey I should explain that we were strictly interested in Active Protection (programs running in background and performing monitoring tasks). I deliberately omitted SpywareBlaster as it is really passive protection (it runs once, finishes, and does not run again until manually initiated). I agree that it provides excellent protection, as do programs which add malicious sites to the IE Restricted Zone and supplemental Hosts files. It was omitted from our list simply because it did not meet the criteria of the list. --Loren Decker 22:02, 6 August 2005 (UTC)
Thanks for the reply on that. --Paul Laudanski 01:04, 7 August 2005 (UTC)

[edit] Citations shouldn't be added meaninglessly

The {{note|name}} thing that goes before references isn't supposed to be placed there for no reason. More than once, we've had editors add them without a {{ref|name}} anywhere in the article to go along with it. The newly added Ecker, Clint reference suffers from this sort of thing, and should either be connected to something in the text (even if something new has to be written for it) or removed. Like I said before, we don't need references hanging around that can't be cited in the text. -- LGagnon 19:25, August 6, 2005 (UTC)

For now, I'm removing the following references:

These references shouldn't be added back in until we can actually cite them in the text, as we have no use for pointless references at this point. -- LGagnon 19:30, August 6, 2005 (UTC)

I am amazed, truly I am. Do you know these people? Do you know their reach in the antispyware community? I added in Andrew, Sandi, and Mike. Ben was already there before my edits. Rather than removing them, how about finding a place to reference them in the article? How can a spyware article exist with key folks being removed? --Paul Laudanski 20:13, 6 August 2005 (UTC)
I don't think you understand my point. This isn't about kicking out people based on whether or not they have clout in the anti-spyware community (and no, we're not required to include them if they do have it; this article is not about them). The thing is that at this point we should only be adding references we can cite in the article's text; all others are just deadweight taking up space, no matter how relevant they are. The point is not to remove these permanently (as I moved them here so they could potentially be used in the future), but to set a standard to keep the references section from being flooded with references that aren't really being used for the article. -- LGagnon 21:42, August 6, 2005 (UTC)
I hate to think of "out of sight out of mind". I'd like to think that rather than taking the approach of information removal, take the time to find or create a spot in the article that can call upon a reference. At the moment I cannot do a full review to find such spots, but I had the hopes since this is WP someone would dive right in and help build. --Paul Laudanski 01:02, 7 August 2005 (UTC)
And someone will eventually. The info is still here, after all. In the meantime, the standard needs to be set rather than leave that stuff sitting there any longer. It's been a while since they were added, and no one bothered to cite them; that only makes it seem like no one is planning to. If you want to do so, you're still free to do it, and the info is still here, so it won't be forgotten. -- LGagnon 01:15, August 7, 2005 (UTC)
No hard feelings. Ultimately I would like to see an article that is beyond compare and can truly be called upon from any community as a reference. Although, if you happen to be modifying the article, feel free to re-add them back in appropriately. --Paul Laudanski 01:19, 7 August 2005 (UTC)

LGagnon -- I fully agree with you that references in the References section MUST be works that are actually used and cited in the article. As I pointed out in my recent proposal Wikipedia:How not to be a spammer, the only purpose of the References section is to cite works that are actually used as sources for the article. It is not simply to recommend related works.

However, that said, at least one of the references you removed is actually cited. The Clint Ecker reference I added just prior to adding a paragraph which cites it. Please re-check all the references you removed to make sure that you didn't remove any others that are actually cited. --FOo 23:07, 6 August 2005 (UTC)

At the time that you added the reference, you had no cited text to go with it. Had it been added at the same time, I wouldn't have removed it. It'd be best to add both at the same time in the future so that a situation like this won't happen again. That said, no hard feelings. :) -- LGagnon 23:58, August 6, 2005 (UTC)

[edit] Illegality of removal

Isn't it true that in some cases removing spyware is illegal (breach of contract in Kazza [which stops working if spyware is removed]) in some cases? If so it should probably be mentioned (I researched it but found very little). This is sort of mentioned in the "User consent and legality" section. This link is Broken 03:17, 11 August 2005 (UTC)

Spyware authors would certainly like it if users believed it to be illegal to remove spyware, simply because they put up a "license" claiming so! Without some evidence that any such "license" has ever been enforced, I don't think we need to take them very seriously. Some of them that I've seen suggest that the user must maintain the spyware in perpetuity -- which would seem to mean that the user may never reformat or throw away their computer! --FOo 05:31, 11 August 2005 (UTC)
First off a contract breach is a tort which is a civil matter rather than a crime so it cannot be illegal in the legal sense to remove spyware as a matter of definition. It is not illegal to fail to pay your mortgage, but your bank has civil remedies against you. On the other hand an intentionally or recklessly false claim that an action is illegal could itself be fraud and thus criminal, there is a false statement made with the intention of material gain.
Finally on the civil issue the question here is whether any contract term in a spyware contract is enforceable. First is there a contract, is there an offer, agreement and exchange of consideration? Getting a click-wrap contract accepted by the courts as agreement is not as easy as some think. Most click-wraps are a contract of adhesion and thus invalid. IANAL but neither are many of the people who write the spyware 'contracts'. To make a clickthrough stick the contract terms have to be terms that are usual for that type of business, and the party that created the contract has to be able to show that the terms were the type of terms that would be likely to be agreed upon if the other party was aware of them, there has to be actual or constructive notice of the terms, certain terms have to be conspicuous. So no I don't think it at all likely such a contract would stick but it might be important to mention the slimebags use this ruse.--Gorgonzilla 04:51, 15 August 2005 (UTC)

[edit] Non-Windows spyware

Can anyone verify that there have been reports of spyware for Linux, Mac OS X, or any other non-Windows platform? The sentence about it seems quite suspect to me, and I think it should be changed back to stating that no spyware has been found on those platforms if no proof can be given. -- LGagnon 14:03, August 21, 2005 (UTC)

As a security technician who uses Linux and Mac OS X every day and provides security support for Windows users, I can confirm that I've never seen any Linux or Mac OS X spyware ... and I've looked, extensively. There have been no credible reports of it. There have been a couple of firms who have tried to sell "anti-spyware" software for OS X ... which software doesn't appear to do anything, but they promise it will protect you from spyware. (And I'll sell you an amulet that protects you from ghosts. Nobody wearing one has ever been eaten by a ghost.)
If anyone has any actual, cite-able sources showing spyware on Linux, OS X, or any other non-Windows system, I sincerely invite them to contribute them. However, in the absence of sources (and in the presence of so very many sources showing spyware for Windows) there is no justification for claiming that any spyware exists for other systems.
I'll make the following caveat: There are certainly backdoors, exploits, and other security threats for non-Windows systems. There are keyloggers, trojaned copies of executables, and the like. However, we would not class these as "spyware" for the same reason that we don't subsume Windows viruses into "spyware" -- they are more descriptively placed in these other caregories. --FOo 15:41, 21 August 2005 (UTC)
I decided to be bold and deleted the sentence in question. Give a citation if you want to bring it back. 71.93.195.55 07:45, 12 November 2006 (UTC)

[edit] Okay, featured article. Now what?

Huh. So folks think this is a feature-quality article. Great, spiffy, shiny, and all that jazz. There are still some things to do here. The following is a shot at a "to-do" list and a list of recurring problems that have cropped up in the editing of this article. Everyone, please feel free to add to it. :) --FOo 03:36, 24 August 2005 (UTC)

[edit] User question on anti-spyware

OK, I've got a question that is probably stupid but I'll ask it anyway. Is it safe to have to have more than one anti-spyware program installed on the same computer?

Basically, yes.
You might run into some problems if you have multiple programs doing real-time protection at the same time, or if you have one program doing real-time and one program scanning. But simply having two installed should not cause problems. --FOo 04:31, 26 August 2005 (UTC)


Thank You.

[edit] Elf Bowling

I'm having trouble finding a source that this had spyware - can someone find one and add it? --SPUI (talk) 14:41, 28 August 2005 (UTC)

[edit] External Links

I cleaned up the external links section. We need to keep these from getting out of control. Please see the Wikipedia policy on external links in the FAQ if you have any question about what should or shouldn't be there. Basically, Wikipedia is for infomation, not lists of links. The external links should compliment the article, not overtake it. coyote376 7:20, Sept 17, 2005 (UTC)

One thing to really look out for is to check to see whether the external links link to anti-spyware software makers using affiliate ids. That means the webmasters of the "informational" sites get paid for each person referred to the anti-spyware software's site. This could lead to some incentive to create poor sites, if for example they recommend lower quality anti-spyware because the lower quality software has larger affiliate commisions. --RainR 12:08, 6 October 2005 (UTC)
Excellent point. In general we should be pretty suspicious of any external link to a site that pushes software we known to be of lower quality ... or to a site that uses affiliate links itself. --FOo 03:15, 7 October 2005 (UTC)
About 2-spyware.com, it shows exactly what I mean about affiliate IDs. Funny how the top four recommended anti-spywares are all ones that the webmaster has affiliate IDs for. --RainR 10:04, 7 October 2005 (UTC)
yes it is. But referring to your previous comment: "This could lead to some incentive to create poor sites" read some content, navigate around to see if it is really poor or has no content at all, just links. another your quote: "they recommend lower quality anti-spyware" - no in 2-spyware.com case they are referring mostly to "spyware doctor" which has excellent reviews throughout internet. in reference to coyote376 "The external links should compliment the article, not overtake it." - 2-spyware.com actually does that: read the different spyware types: they organised strictly by: what it is, ways of infection, what it does, examples, how to remove and list of parasites. It compliments article.

[edit] dedicated 2 spyware

I moved this discussion from my talk page --RainR

Where do you see link spam? Its a site name. It is within the logo. -- Ugnius 09:30, 7 October 2005 (UTC)

This comment was in relation to [5]

Perhaps spam is too strong of word. I felt the site does not fit within the Wikipedia external link policy. --RainR 10:14, 7 October 2005 (UTC)
OK. lets find arguments why:
the link must be valuable, so that site has unique, hand written reviews, every spyware remover was installed and tested prior to writing the review and you can see that just by actually reading them. huge research center with actual help for visitors. timely answers.
from the external links policy:
What to link to:
Is it accessible? - sure.
Is it proper (useful, tasteful, etc.)? - only few sites in spyware theme actually has similar amount of information.
Is it entered correctly? -yes it is.
this site has even more information that wikipedia about different spyware types and spywares itself.
What should not be linked to:
advertising purposes... Actually there are very few ads in that site. Valuable information is priority.
Lets compare to the other external links:
processlibrary.com - the clone of liutilities.com. actually its their site with the same information just to inflate the serps index and their income. no unique information, no much difference from their main site.
subratam.org - if you'd navigate a bit through site, you'd see that its only few articles and few reviews. compared to hundreds unique content. and there informations is taken from other pages like kaspersky, so NO unique content.
antisource.com - new forum with only few threads
careofwindowsxp and magoo advice are just one article with actually lack of really unique information.
others are really useful forums, so they are good resources.
what is the reason that you think that site dedicated to spyware doesnt belong to spyware category? -- Ugnius 12:03, 7 October 2005 (UTC)
Just because there are still questionable links doesn't mean that all links are acceptable. I'll leave them for now, since I don't want to brush against the WP:3RR. --RainR 12:54, 7 October 2005 (UTC)
I'd like to get proper arguments why, lets keep rational discusion. thank you. -- Ugnius
There does seem to be some unique content there, I'll give it that. The question is whether the unique content balances out the obvious commercialism of the site. --RainR 23:04, 7 October 2005 (UTC)
I find obvious commercialism in all remaining sites I described as a great resources, practically all of them have G ads, and aff links. (with exception of spywareinfo). That doesn't mean that these sites are bad resources and doesn't compliment the article. The question is: is there enough unique content? Correct me if I'm wrong, but this site doesnt look like overloaded with ads, pushes one product or pushes users to buy. User can choose to use free manual solution or product for automated solution by reading reviews. Even for commercial products there is a possibility to choose what to buy. If the site earns something on commissions it doesnt mean, that it is a bad site. When analysing the site you need to look if the content is really unique and if its enought of it. Lots of sites (affiliate sites) just uses the texts what they get from vendors or some scraped texts from other sites, which are not unique. To create unique texts and analyses takes a lot of time and hard work, its is much easier to steal something from others, and this site looks unique all over. -- Ugnius


With the exception of a few articles, 2-spyware adds nothing unique to "Spyware" that you can not already find at CastleCops. Even the content of the articles can be found at CastleCops, just worded differently. There is no new information at 2-spyware. The commercialism at 2-spyware is much more blatant than at most anti-spyware websites. For example, when browsing CastleCops, you are not presented with multiple ads on every page as with 2-spyware. Furthermore, your website may do more harm than good. Every IT professional knows that one of the best tools for removing spyware is Hijackthis but because the website owner at 2-spyware can't make money from Hijackthis, it doesn't even make the top 4??? That's absurd (and dangerous). I wouldn't use ANY of his top 4 products and neither would any credible person charged with removing spyware from a computer. Just about every spyware removal forum out there relies on Hijackthis. It is the number one troubleshooting tool in the industry. How many articles does 2-spyware have? 58 How many of those articles even mentions hijackthis? 1 This website is little more than a storefront for "Spyware Doctor", "eTrust Pest Patrol", "Spy Hunter" and "X-Cleaner". This website contains nothing worthwhile that can't already be found at CastleCops. It may actually contain misleading or dangerous information to anyone with a spyware infestation. And, it is clearly running for profit. The website doesn't even list Hijackthis on their software page of antispyware programs. For these reasons, as well as the reasons mentioned by RainR, it has been removed. Ccole 06:11, 9 October 2005 (UTC)

I disagree. CCole is known user which tries to push his completely new and empty site errorwindows with ads all over, and spams wikipedia with his link to completely empty forum. And he passes his angriness to other sites. What unique in 2-spyware:

I understand why errorwindows is not included at this time. I need more history. I did not add it back. However, your comment is irrelevant to the topic at hand. Please try to stick to discussion regarding your website, since it is your website that is in question for link spamming. You can say I am angry, but that has nothing to do with your website. It doesn't change the facts I stated or the facts that RainR stated or the facts that I will state below.

Ok lets state the facts. Leave the emotions aside.
1. All parasites categories - even wikipedia doesnt has this information and I hope it will have. for example you can compare sections about adware, computer worms between wiki and 2-spyware. Articles compliment each other clearly.

There is nothing in this section that CastleCops doesn't have information on. They have information on ALL known sprware AND variants. Your website adds nothing new to Wiki.

none of them structured like in this site. Castlecops is a forum site. that's different sites which even cannot be compared. castle cops dosnt have any definitions and removal instructions. Its a forum.
2. 178 manual installed, tested and reviewed antispyware product. The list is growing.

You mention 178 manually installed, tested and reviewed antispyware products. How many of them by you? Your articles all come from some place else. Only one single reference to Hijackthis in all of your articles. This piece of software is CRITICAL to removal of most forms of spyware. If your website was truly devoted to spyware instead of advertising, a logical thinking individual might conclude that you should have more that one reference to the industry accepted standard removal tool. As someone who actually deals with spyware every day (both online and offline), your website could actually be considered dangerous. Most of the removal tools out there are not powerful enough (and that includes your "top 4" money makers). If you were truly dedicated to spyware, you would know that. If you had installed those 178 pieces of anti-spyware yourself and tested them yourself, you would know that most of the anti-spyware software actually comes bundled with spyware. Your website spreads disinformation with no real regard for good information. Perhaps if you wrote the information yourself, you would do a better job, but since the articles are written by other people, and not followed up on, then the result is unfortunately, too much disinformation. And many of the articles are riddled with spelling and grammar mistakes.

that is total nonsense. ALL of them are reviewed by our research center. stick the facts and dont create stories which never exist. People are working here and creating the information not stealing it from somewhere else. If you will look at the site, from top 4, 2 programs are free of charge, all others are one of the best in the market. you can read reviews in other sites. for example - downloads.com. Your constant accuse of danger is ridiculous.
And yes we installed all the software and reviewed them the way they are. Dont spread desinformation again, because I'll accuse you with vandalism. before telling nonsences online try to find these articles and identical reviews somethere else. we know perfectly problems with spyware removers, about corruption and that IS OUR UNIQUE CONTENT.
3. Articles, directory, certification. everything dedicated to spyware.

Again, if the website were "dedicated" to spyware, a logical individual might conclude that there should be more than a single reference to Hijackthis on it. And, it would help if you actually knew enough about the program to make your own comments on it. CastleCops is also dedicated to spyware. You will notice a distinct difference between their website and yours.

the site is dedicated not for IT profesionals. Hijackthis is too complicated tool for Average internet user. And of course it doesnt make top 5, but of course we wrote very good tutorial that even you grandmother could understand.
4. Clear identifications of corrupt antispyware products with evidence.
Articles in 2-spyware has nothing in common with castlecops, and they are not worded, they are written.

Ask yourself why they have nothing in common with CastleCops. CastleCops is, without a doubt, very dedicated to spyware. And, by your own admission, your articles have nothing in common with them.

I can say only again that you need to read these articles before talking nonsences. From your statements I see that you didnt look at the site at all.
Hijackthis is a tool for advanced users, not spyware removal program. You can find very comprehensive tutorial on hijackthis in 2-spyware.

You're contradicting yourself here. The fact is that Hijackthis is OFTEN (not occasionally) the only means of removal for many different forms of spyware. A website that is truly dedicated to spyware should have more than just a single reference to it. This is more true because of all the advertising for your affiliate software. You do the antispyware community a disservice by offering your affiliate software to people many times before they even see a single reference to the one piece of software that can truly help them.

we are working in spyware industry for more that 2 years and we know perfectly all the tools. Hijackthis can not help average internet user and you even dont understand that. Its a program for IT profesional not for the average internet user. There are better tools in the market, more user friendly and more understandable by average user.
nothing dangerous is not to list free programs in top5. HIjackthis is a good tool and I hope there will be more information on this tool in this site.

It's dangerous because people will look at your website, trust you and buy this software from you thinking that they will get rid of their spyware, when they will only be getting rid of their money. Again, as an IT professional, I would never turn to ANY of your "top 5" money makers. Anyone who really knows about removing spyware knows that you should be using Hijackthis, Ad Aware (Lavasoft), Spybot S&D, About Buster, CWSearh Killer. I find it odd that not one single piece of software in the REAL top 5 even breaks into your top 5. If your website were truly dedicated to fighting spyware, wouldn't your "top 5" include just one of the FREE programs that all spyware removal people use? Even just one??? Again, they are YOUR top 5 money makers, and not the top 5 tools. Your website is misleading AND dangerous to the average person.

you are acussing profesional products like spyware doctor and pespatrol that they are stealing users money? Are you out of your mind? try to look over the internet and read reviews of the antispyware products. And of course I see that you never looked at the site because there are free programs at the top.
removal of the link just because one program is not listen within antispyware section (even if it is listed in other section) is not the reason, because it will be added shortly after owners will read this discussion on wikipedia.

Covered above. I mentioned 5 programs, none of which is in your top 5 on your website which is really not dedicated to spywar

from this statement I can only see that you know nothing in spyware. Read some reviews, take a look at downloads.com. read at least this article in wikipedia because it talks about the same top products. it mentions spyware doctor as one of the best product.

You request that we state facts and leave emotions aside, but you continually attempt to bring emotion into this and conveniently leave facts out.

FACT #1 - You know nothing about me and are not qualified to judge how much I do or do not know about spyware removal so your statement just above this one is erroneous.

ok sorry for that. MY FACTS: you statements were defamatory. All info one site written by reasearch center, you stated that we took it from somethere else. You didnt even read any review.

FACT #2 - I am not the first person to object to your link spamming. RainR called you out on it and they even said that the reason they didn't delete your spam link a third time was not to violate the 3 deletions in 24 hours rule.

RainR found the content. you dont. that very different.

FACT #3 - Your statement that CastleCops is a forum only website is false. You should take a look at a website before passing judgement or making false statements about it. CastleCops has many different articles and detailed information on just about every .dll and .exe associated with spyware. They provide a detailed rundown of each known spyware file and non spyware files and instructions and links on how to remove the file and even mention good files that should not be removed.

that doesnt make the sites the same. if you will follow this trategy, all other links are the same too.

FACT #4 - You claim that your website is "dedicated" to spyware. Any credible website that is truly dedicated to the cause of removing spyware will have a higher signal to noise ratio with regards to the topic of Hijackthis. It may be a free tool that a person can not derive any profit from, but it is the most effective tool out there.

there are beter free tools like spybot and ms antispyware, which are more user friendly. thats why HJT doenst make top5.

FACT #5 - You accuse me of being out of my mind while asking that I leave emotions out of the discussion. It is you that is emotional. I am only stating facts. And, I will do so without resorting to name calling. I stated names for the top 5 anti-spyware programs available today. These would be chose top 5 (or at least 2 or 3 of them) by most of the anti-spyware community. You chose non of them in your top 5. Your top 5 consists of affiliate links. You have yet to address this point.

you didnt state the facts. you tries to state that top products in site (spyware doctor and pestpatrol) are bad products and takes away money from users. that not even abou my site. you posted defamatory comments. Let me remind you that you told that we took info from somethere else. And you even dont see that there are FREE programs at the TOP of the list.

FACT #6 - The reference to my grandmother was not appropriate.

its example of the user. You grandmother will nether understand how to use HJT, but she can understand SPYBOT.

FACT #7 - I looked at your website, thoroughly. I won't tell you what I thought of it, since we are not getting emotional or resorting to name calling. But, the fact is, I did have a look at it.

your look wasnt very deep, because you talking things that never existed. AGAIN you didnt even read the reviews because you stated that reviews are disinformational and you didnt even saw that the 2 out of 4 programs on the top list are FREE.

FACT #8 - You stated "Hijackthis is a tool for advanced users, not spyware removal program.". Most of the spyware community dedicated to removing spyware would disagree with that statement.

Try to ask them. And ask average user, not the spyware community. which program is more friendly spybot, adaware of hjt.

FACT #9 - I never mentioned the word "stealing". You got emotional and mentioned that term yourself. I can't remember if that word was used before or after mention of my grandmother.

you DID. look above.

Again, there is absolutely no emotion here. I am not calling you names, or your grandmother, for that matter. That is not the way to discuss this issue. Your website simply adds nothing new to Wiki and I am not the first person to think that your link is spam.Ccole 16:00, 9 October 2005 (UTC)

SO we can do these reverts every day untill we both will be banned. And then analysing the site look at the wikipedia content, not the content on other sites. I'll try to take this issue to arbitrary.

I think this discussion is going nowhere. Both castlecops.com and 2-spyware.com are comercial in the sense that they have some ads. Both provide lots of usefull free information, although 2-spyware.com has it in more structured format, what i like more than more discussion-based site. One must admit as well, that both sites are very different, targeting quite different people. First, I would not suggest Hijackthis for computer-unsawy person due to lack of usability and the danger of destroying operating system. Nor I would rate it as spyware remover (even its authors does not rate it so - it is analysis tool). Nor it is a single way to distinguish most of spywares. What concerns "the best" spyware remover - there cant be single oppinion about which one is the best. I have seen many sites with very different oppinions about this. Show us an informational anti-spyware site that claims that ALL the mentioned in 2-spyware "best" removers are in fact bad or 2-spyware rates a really good remover as "corrupt" without proven reason. The same goes for other accusations - provide facts please, not some accusations. Both topics reminds be some "religious wars" - like linux vs windows, or explorer vs mozilla. Show a bit more tolerance to other person oppinion.

After careful analysis of sites and this discussion I can post following facts: FACT 1. In 2-spyware in the top4 section I see 2 FREE and 2 Commercial products. Commercial products are higly rated in lots of various sites related to spyware. So it proves that they do not promote weak products for higher commisions. FACT 2. It seems reviews and articles in 2-spyware are carefully written, not taken from somethere else. FACT 3. Castlecops and 2-spyware both unique and good sites which both compliments the article in wikipedia. FACT 4. Hijackthis is very dangerous tool for the common user with lack of usability and it is not a remover. FACT 5. 2-spyware is not overloaded with ads, yes they earn some commisions but its perfectly balanced with unique and valuable content. This discussion is not objective and looks like individual war. My vote would be to leave the link to 2-spyware as it is a perfect resource for readers. kaunietis25

For anyone looking at this, until just before kaunietis25 posted, the four featured products were all commercial ones that were affiliate links. The links to Microsoft Antispyware and Spybot are recent changes. The Google cache shows what I mean. [6], though the cache will probably be updated with the new site content eventually. --RainR 07:24, 10 October 2005 (UTC) Google cache now shows updated page.
I have to disagree. Site changes everyday, but it was not changed today at all. I was talking about free products on top4 long before comments from other editors. --ugnius
I would agree with RainR and coyote376. Be very suspicious of websites like this with affiliate links. Also, the writing styles and use of the English language of ugnius and kaunietis25 seem far too similar for my liking. Put that together with the timing of kaunietis25's post and I think there is strong evidence to suspect some sort of collusion. I looked at the Google cache. It looks as though someone is trying to cover their tracks. I personally think this is dishonest.—The preceding unsigned comment was added by 216.191.177.106 (talk • contribs) recently.
Anon 216.191.177.106, please assume good faith; the website has been changed in accordance with a suggestion for improvement made by User:RainR above. That doesn't need to be described as "cover[ing] their tracks". I should think that it is actually laudable that a website is trying to improve itself to meet wp "external link" standards &mdash that's a lot more effort than most people who want Wp to link to their site go to. In any case, this whole debate is about whether that one external link should go in, correct? Looking at policy, I see that we do include:
High content pages that contain neutral and accurate material not already in the article. Ideally this content should be integrated into the Wikipedia article at which point the link would remain as a reference.
and do not include
  1. Wikipedia disapproves strongly of links that are added for advertising purposes. Adding links to one's own page is strongly discouraged. The mass adding of links to any website is also strongly discouraged, and any such operation should be raised at the Village Pump or other such page and approved by the community before going ahead. Persistently linking to one's own site is considered Vandalism and can result in sanctions. See also External link spamming.
  2. Links to a site that is selling products, unless it applies via a "do" above.
My "third opinion" is that this website sounds more like the description of what we do not include than it does of what we do. Jkelly 20:48, 10 October 2005 (UTC)

[edit] Article Byline?

Why does this article have a byline at the top? I thought that was against Wikipedia policy? I am removing it right now; if I'm in error and this is within the bounds of accepted policy, I apologize. JustinStroud 16:07, 14 October 2005 (UTC)

It's vandalism. Wikipedia policy forbids signing article content. Usually, people who scrawl their names on articles have nothing to do with the actual authors of the articles. Whenever you see someone's name "signed" on an article (not a talk comment), feel free to remove it ... and to check the article history for other vandalism. Thanks! --FOo 23:47, 14 October 2005 (UTC)

[edit] Fools AKA Geeks and Nerds

this fools are annoying me! all this damn hackers, got no damn life.

ANy one of you seen Saw 1 or 2, i wish Jigsaw, make them commit sucide AKA die themselves.

I got this fool spyware, lurking on my pc

  • I came home yesterday, found cal open, using the pc, later went for a drink, came back and th cheap crap pc shutdown
  • later on msn, me chatting, the mouse moved over a few steps, and "Run"opend, and the keyboard itself typed, a shorcut to run Pain (microsoft Paint)
  • and that fool drew, a star mark, AKA Satan's mark, you know that Star, but turned upside down.
  • It happened twice i though it was a computer program, there was a program running, the thing pop up saying "I have been infected", comes on the task panel, above
  • went i was going sleep, i hear a sound, and it means that fool must have opened one of my folders
  • TOday me going school, the damn calculator was opened again
THIS FOOL MUST DIE!!!!!!!!
how do i delete this fool from my pc?

>x<ino 09:53, 8 November 2005 (UTC)

Try asking for help at Spywarewarrior forums. Reyk 23:00, 8 November 2005 (UTC)

[edit] Style guideline

The following paragraph was in the article itelf, where it doesn't belong. It's a good piece of advice, so I'm leaving it here:

  • <!-- Wikipedia is an encyclopedia, not a how-to guide. It is inappropriate to add how-to information instructing readers to take particular actions. It is inappropriate to address the reader as "you", for instance in stating what "you can do" to remedy or avoid spyware. It is also inappropriate to recommend particular pieces of software -- we may link to relevant sites, but Wikipedia is not dmoz, either. -->

Reyk 22:36, 9 December 2005 (UTC)

This was a comment left in the article text so that it would be seen by editors of that particular section. It does not affect the article as displayed to readers. --FOo 03:40, 10 December 2005 (UTC)
That's odd, cos I could see it in the article proper. Reyk 07:02, 21 December 2005 (UTC)
I'm guessing that was part of whatever breakage also mangled several HTML character entities, e.g. changing "—" into "&mdash;". --FOo 09:46, 21 December 2005 (UTC)

[edit] MacScan

I'm not going to add the MacScan link back myself, because we don't seem to be trying to list every spyware scanner. But there is a list available of spyware detected by MacScan. [7] --RainR 11:22, 20 December 2005 (UTC)

[edit] Sony DRM "spyware"?

Removed this:

In a small number of cases, firms have distributed audio compact discs with spyware that activates when the disc finds itself in a computer with autorun enabled. Sony's Extended Copy Protection, uncovered in October 2005, has provided the most widespread and infamous example to date.

With its ill-fated copy protection Sony has been accused of just about every cybercrime known to man, but calling the copy protection spyware seems to be an unnecessary generalization of the term. You can call it a rootkit or malware or even a trojan horse, but calling it spyware is silly. Despite the highly general description at the beginning of the article, there are still things that distinguish spyware from general malware. In general spyware seeks to benefit its author somehow through advertisements, identity theft or other surrepetitious extortion schemes. Rootkit-using copy protection may be questionable, but it's not shoving ads in your face or logging your credit card number. It's not trying to earn off of you—they already did that...

This paragraph is also highly misleading in that the "small number of cases" seems to comprise of only this one, unless anyone knows a genuine example of autorun CDs that installed spyware. I think someone just wanted to mention the Sony case in this article, but I don't see the need. 82.92.119.11 22:23, 15 April 2006 (UTC)

Well, originally "spyware" meant only programs that snoop on the user, whereas later it came to be used to mean programs that are surreptitiously installed and do things the user doesn't want. (That seems to be the working definition we're using in this article.) Since the Sony-BMG software was installed surreptitiously (by autorun), acted against the user (by blocking them from doing legitimate things with their CD-ROM drive), and reported back to its master (reporting the CDs being played through the installed player software) I think we're safe to call it "spyware".
By the way, the term "rootkit" for the Sony-BMG malware refers specifically to the techniques it used to conceal itself after it got installed. See rootkit. --FOo 00:31, 16 April 2006 (UTC)
Well, getting into a war of definitions is pointless, and I do see some sources referring to it as "spyware" (although most prefer just "malware" or "trojan horse"). I'm getting the feeling these words (or rather the distinctions between them) are becoming less and less useful. Compare worm and virus; nobody cares about the difference anymore.
One thing I did forget about which actually justifies the "spy" in "spyware" is that the Sony DRM reported back home when the CD was played. This is the only part that really involved spying. 82.92.119.11 15:47, 16 April 2006 (UTC)
Well, therein lies the rub... Where Sony got in trouble was not the overt mission of the software, but rather, that it violates two basic tenets that typically are associated with spyware: That it intentionally takes measures to conceal its presence and actions from the user, and, that it reports data from the user's computer upstream. I think you'll find that the computing community agrees with Foo here, that Sony did indeed overstep the fine line between "boorish malware" and outright spyware. Mroesler 02:40, 17 April 2006 (UTC)

[edit] Ban Spyware ?

So does the government have any plans to ban spyware? There were talks about it back in 2004; but nothing has happened as of yet. 24.23.51.27 05:50, 3 June 2006 (UTC)

I suggest you search news websites for this.--Andeh 12:45, 4 June 2006 (UTC)

[edit] External Links and Spam

Okay, why is the External Links reverted back? I specifically changed it so it wouldnt be filled with sites that were not necessary for being a link. You dont need that many sites. Especially when you have 2 links to web directorys. Give me a break. The Links need to be scalred down and only put to CREDIBLE sites that ADD to the information given, not simply to put because it talks about spyware. I work too hard on WP to get rid of External Link Sections that look like this one to have all this work reverted because the editor has a hang up. --Ownlyanangel 09:26, 4 July 2006 (UTC)

[edit] easy way to tell certain trojans or such what

if you look at the friken pop up, it may say a way to lose weight without a diet or something, well don't clock andythign in the acctuly pop up, if youm ove ur mouse anywher,e you should see its lal clickable, people miss this and its so obiouse liek the banners you see so often that are only clickable and not usable. i will add other ways later.

[edit] Definitions

I don't think most of the programs listed as "containing spyware" fit the given definition of spyware at all. Programs such as Kazaa, Morpheus, Messenger Plus, etc., all have license agreement's that clearly say what they're going to install, what user information will be taken, whether advertisements will be displayed, etc. Weatherbug is not listed as spyware by major anti-virus/anti-spyware vendors although some of them used to list it. The article lists eDonkey2000 as both "containing spyware" and "previously containing spyware". 68.40.58.147 05:57, 3 August 2006 (UTC)

License agreements are not relevant to whether the program is spyware. They may (or may not) be relevant to whether it is a computer contaminant and hence illegal to distribute. However, "spyware" is not a legal category; it is one that has come out of the community of users and technicians. It has been defined extensionally in terms of various classes of behavior, including but not limited to:
  • surreptitious or sneaky installation (e.g. drive-by download; installation under cover of another program)
  • installation or action without informed consent (that is, the user doesn't know what the program is going to do)
  • hucksterish or false claims about the software (e.g. "optimize your computer!" for a program that just displays ads)
  • concealment (e.g. rootkit techniques)
  • running under false or deceptive names
  • failure to respect standard uninstallation techniques (e.g. "Add/Remove Programs")
  • taking active measures to stop uninstallation
  • reporting on user behavior not directly relevant to the software itself (e.g. browsing behavior)
  • loading of more spyware
  • displaying of unwanted ads or pop-ups, especially ones that interrupt or bother the user.
  • flashy or annoying behavior in general, especially in combination with being difficult to uninstall
"Spyware" is basically a category that stems from users and technicians trying to understand and respond to disruptive and destructive software, rather than from legislation or litigation. That doesn't mean it's not a real category, or is less objective or important than a legal category such as "computer contaminant" in various state laws. But it does mean that you can't dismiss a program as not being spyware just because it presents a "license agreement" with the understanding that most users cannot understand and are not competent to assent to such "agreements". --FOo 06:29, 3 August 2006 (UTC)

68.40.58.147 06:42, 3 August 2006 (UTC)Then the definition listed in this article needs to be changed. Many of the programs listed do not fit the definition given at the beginning of the article.

[edit] record what a user types

"More malicious versions can try to record what a user types to try to intercept passwords or credit card numbers."

This link seems to be not related to spayware. Pérez 16:30, 11 August 2006 (UTC)

[edit] Inclusion of SpyWall

I disagree mentioning the software SpyWall as it doesn't appear notable, and is commercial[8], unlike other popular products such as Spybot/Ad-aware.

If this software is notable please link to notable awards/reliable sources. Thanks.--Andeh 15:01, 29 September 2006 (UTC)


Here is a link to the Datamation's security product of the year award to SpyWall. http://itmanagement.earthweb.com/secu/article.php/3587056

However, SpyWall should be mentioned because it is so different and unique. It is the only product that can remove spyware like Look2me, QooLogic etc. It is the only product that incorporates a sandbox for the web browser and block browser exploits....just like the recent VML exploit or the earlier WMF exploit. These exploits are used to install spyware. (According to TrendMicro survey, 85% of the attacks are via the Web browser.)

BTW, the following paragraph that was accepted to Wikipedia was written by me.

"New breed of spyware (Look2Me spyware by NicTechNetworks is a good example) are starting to hide inside system critical process and startup even in safe mode. With no process to terminate they are harder to detect and remove. Sometimes they do not even leave any on-disk signatures. Another twist on spyware hiding is the increasing use of rootkit technology. The end result is that spyware components become extremely hard to detect and remove and most anti-spyware programs available today have very little or no rootkit detection capabilities."

We at Trlokom are at the leading edge of fight against malware. We have seen cases where a scan by defender or ad-aware will not show any spyware, but we catch them.

SpyWall brings something very new to the fight against spyware and deserves a mention. Wikipedia is about knowledge and not about free tools or a popularity contest.

And while we are talking about free and popular tools, here is an article where Microsoft says recovery from malware is becoming impossible. http://www.eweek.com/article2/0,1895,1945808,00.asp

So, while SpyWall can remove these malware, you think it should not be included, and the discussion should be about the tools that are failing?

I propose we put the mention of SpyWall back into the article.

Thanks.--Jay 29 September 2006

Thank you for the reply, please allow me some time to review your response. I will respond asap. Thanks.--Andeh 18:54, 29 September 2006 (UTC)
Sorry, but I'll have to disagree with re-adding it into the article. It appears you are from the company Trlokom

We at Trlokom are at the leading edge of fight against malware.

And Wikipedia is not a vehicle for advertising. The product is commercial and from what I can see there is no free alternative of the product. And the features you mentioned are already available from free Lavasoft software and Spybot's. I do not believe this addition will improve the quality of the article (we are talking about spyware here, not how good/special an anti-spyware program is) or help any users reading it. Without reliable references, the addition is of no value to the article.--Andeh 19:11, 29 September 2006 (UTC)

"I can see there is no free alternative of the product." How is this statement relevant to the discussion? There are many commercial products mentioned in the article anyway.

"features you mentioned are already available from free Lavasoft software and Spybot's." This statement is false. They do not have a sandbox or a dedicated rootkit scanner. And, it is pretty well known inside anti-spyware industry that they are unable to remove nasier malware. This is not a rap against these two programs and they are excellent IMHO. It is just a question of technology need to fight the newer malware is changing and that is all I am trying to point out.

"are talking about spyware here, not how good/special an anti-spyware program is" Actually we ARE talking about anti-spyware programs under remedies and prevention section. Please check the article again.

I do not think adding the following line violates any guidelines. It does NOT say how good SpyWall is.

Trlokom's SpyWall anti-spyware combines spyware scanner with sandbox for Web browser and a rootkit scanner.

and it is in sync with the very first line of the paragraph in that section. "Many programmers and some commercial firms have released products designed to remove or block spyware. "Jay"

If there is no free alternative to your application, then this would not benefit any users without the user paying. You may not have been aware of Lavasoft's rootkit remover which is free, and it appears there are several applications with sandboxing features listed here. There is no need for the application to be mentioned, as lavasoft and spybot are free, and both provide free support in their forums, and all the features SpyWall appear to be readily available from other locations. SpyWall hasn't broken any significant anti-spyware grounds, so there isn't any real reason to add it into the article.--Andeh 21:30, 29 September 2006 (UTC)

"Lavasoft's rootkit remover which is free" It is not a full blown rootkit scanner/remover. It is tool that was made to reveal the SONY rootkit ONLY! And you cannot use it to fight other rootkits. You are simply making false claims.

All I want to do is add one line that states SpyWall incorporates a sandbox and rootkit scanner. I don't want to say how much better we are etc. It makes perfect sense to add that one line under remedies and prevention section as people looking at ad-aware, spybot, etc. will see how different approaches for "remedies and prevention" of spyware are available. After all, isn't that the purpose of that section?

--Jay 29 September 2006

Thank you for bringing up the issue regarding sandboxes, I have now added that in. This application is not free and is not the only application which allows this features as shown by [9], nor is it as established/well known as other spyware applications mentioned in the article. Please remember, Wikipedia is not a vehicle for advertising, coming here just to advertise your product is strongly frowned upon. You are, however, encouraged to add content instead of links to your own website.--Andeh 01:07, 30 September 2006 (UTC)
"All I want to do is add one line that states SpyWall incorporates

a sandbox and rootkit scanner."

The problem is your claim of uniqueness.

You telling me spywall is the only AS product that includes a rootkit scanner? really? Granted ad-aware does not (at least it doesn't say so explictly), but you really think Spywall is unique in this area? You guys are the only ones who know that spyware is using rookit techniques? :) Your problem my friend is that you keep attacking spybot and adware, but please notice that these two are in there chiefly because of popularity and historical significance. Try comparing yourself with other products listed like Counterspy,Spysweeper, Spyware doctor , SUperantispyware (which isn't listed) etc. If I were to support anyone to be listed it would be superantispyware which was recently added to the pretigious Spyware warrior trusted list .

And again if I wanted to list sandboxes, I would rather list generic sandboxes then your product which is limited to browsers (and the last time i read is IE only), while other products support not just browsers but applications in general.


Aarontay 01:17, 30 September 2006 (UTC)



My take. For sure spywall isn't popular enough to be included, I'm sure even Spywall people would agree. So any inclusion lies on the basis of uniqueness.


So let's see what claims of uniqueness you have made.

1) Spywall is the only software that can remove Look2me, QooLogic.

At any time, a large percentage of the newest breeds of each new evolving malware resists auto removal methods that is nothing new though you have no doubt chosen one of the harder ones. That said it will be surprising no doubt to the makers of various Antispyware such as sunbelt or lavsoft to hear that their products are totally useless against Qoologic and Look2m. You can see here that they are in the recent definition files here here and here and no doubt more if you borther to look. I haven't tested your spywall but I highly doubt your product is able to remove *all *of the newest strains either. In any case your claim that *only* spywall can remove these spyware is pretty much unsupportable unless you are telling me you have tested all the other Antispyware up to recent times?

2)"It is the only product that incorporates a sandbox for the web browser and block browser exploits."

Let's not be misleading here. Unless I'm totally mistaken your sandbox doesn't block exploits per se (or do you have a perfect zero day protection system that block all exploits??), but mitigates the damage they do due to sandboxing. Granted in that sense they are blocked.

Sandboxing itself is getting pretty popular as a method to protect the browser these days, and the leading, popular ones are probably sandboxie (freeware with some minor features turned off if you don't donate) , Defensewall, greenborder , bufferzone etc based on various reviews done , for example here.

I was thinking of expanding the section on security practises to include the practice of sandboxing or even running browsers with limited rights via drop my rights as other ways to deal with spyware. If that occurs, I think it is not totally unreasonable to include spywall there but even then I'm disclined to do so because it is pretty unknown.

E.g A quick search of various popular forums dedicated to spyware removal, like spywareinfo, [Broadband DSR http://www.dslreports.com/nsearch?q=spywall&old=Older&cat=remark&old=1] etc shows very little or no mention of your product (all of the mentions in DSR is for the Bitdefender product which also as a component called spywall). The ones in Spywareinfo is particularly amusing since it is mentioned by people who are saying that they still get infected (though i admit when he says he has a spywall he might not be talking about your product) or they are found in HJT logs of infected users( this time it's definitely yours)... Okay no product is perfect, but still amusing nevertheless.

Even in Wilders which is well known for being on the cutting edge for people trying out new security solutions, your product gets less than 23 mentions most of which is you advertising on a thread. On the plus side I see kareldjag who is a noted expert on testing such products)) mentioning your product though it looks like he never really tried it??

Add the fact that you posted here just to spam your link and the lack of any free version, I would feel disinclined to include your product. Altough wikipedia is not a place for just freeware, it is reasonable to think that freeware products (or products with free versions) are still of greater interest to people for obvious reasons and hence having a freeware is an added incentive for addition.

In summary, I don't think your product is well known enough, or verified to be better at removal compared to other antispyware except based on your own statements (show me links to independent testing please). The sandboxing thing is a slightly better reason, but even then there are better and more well known products, some of which are even free. Aarontay 01:04, 30 September 2006 (UTC)


"you keep attacking spybot and adware," I would like to make it clear that I have not attacked either. Andeh made incorrect claims and I just refuted them. I have even stated that they are excellent products and I know that it takes a lot to chase malware and keep the definitions current.

"In any case your claim that *only* spywall can remove these spyware " Granted. I have tested many recently, but not all of them.

"The sandboxing thing is a slightly better reason," That is what I had mentioned along with a built-in rootkit scanner. Again, as far as I know, SpyWall is the only anti-spyware product with built in rootkit scanner and sandbox. Other anti-spyware products may have some rootkit scanning capabilities, but I have not seen any that have a full blown RK scanner. And I am not commenting on the merits of any product or their scanning engines, just in case.

--Jay 29 September 2006


"I would like to make it clear that I have not attacked either."

No not attacked, just claimed how unique your product was just by comparing only windows defender, ad-aware and spybot throughout all your arguments (ad-aware can't remove this, but my product can etc). I think the fact that you only mention these 3 and nothing else (despite the fact that we list Spyware sweeper, Spyware doctor etc (which are listed because of a much larger following and establishment) shows you probably only tested (or tested mostly) against these 3 products.

"That is what I had mentioned along with a built-in rootkit scanner. Again, as far as I know, SpyWall is the only anti-spyware product with built in rootkit scanner and sandbox. Other anti-spyware products may have some rootkit scanning capabilities, but I have not seen any that have a full blown RK scanner. And I am not commenting on the merits of any product or their scanning engines, just in case. "

Actually by saying the other products don't have a "full blown RK scanner" you are already commenting on it! I'm not sure what your definition of full blown RK scanner is, perhaps you mean something generic like Syinternals Rootkit revealer, Blacklight, Icesword, Darkspy etc? If so, spyware doctor definitely has one. Not to mention tons of other products now are in the progress of adding or have similar features built in , like bitdefender 10 (which provides spyware protection), prevx etc.

This is not 2004 (or even 2001!) adding rootkit detection capabilities (whether full blown or not) for windows scanners is no longer a unique point. You keep claiming that you are in the leading edge of technology, but it seems to me you are comparing yourself only with ad-aware,spybot and windows defender. I recommend you compare yourself with other products before making such a claim!

And I repeat, even if i were thinking of adding sandboxing as a defense, the limitations of it (compared to other sandboxes), the lack of a free version and it's lack of popularity makes me wary about adding it.

I have no ill will towards your product and it's probably decent, but I admit being turned off hy your attempts to try to mislead others who are less informed in this area, with selective information and unsupported statements. In particular your claim that only your product can remove spyware is clearly misleading as you know admit. Aarontay 03:49, 30 September 2006 (UTC)


Ok Aarontay, I did some tests. Tried Symantec, McAfee, TrendMicro, Pestpatrol, and spyware doctor against look2me. None of them was able to remove it. Did not try Webroot, but will do that as well later. If you don't believe, I will be happy to e-mail you the sample. OTOH, SpyWall did remove it. Let me know if you want me to do any other tests. Thanks,

--Jay 1 October 2006


Skipatek unfortunately even if I could verify your finding, it would not help. Please see WP:NPR . Leaving that aside I'm know SuperAntiSpyware can remove it(at least I've seen it work recently though I wouldn't be foolish enough to claim it works against all strains) and it's not listed despite having a totally free version. So why should Spywall be? :) BTW this shows the futility of claiming uniqueness with respect to removing malware that others can't. Firstly you can't possibly test them all to make such a general claim, not to mention that any such claim would quickly be outdated. Also at any one point in time, while any product can remove some strains that others can't, it's almost certain the reverse is true too. if we used this criteria, everybody would be listed by sending us samples where only their product can remove it but others can't (assuming we overlook the NPR). Give it up. If I were you, pushing the whole sandbox angle gives you a much better shot IMHO. Aarontay 08:03, 2 October 2006 (UTC)



Aarontay and other members,

I would like to revisit the issue if SpyWall can be included under the use of sandbox to prevent spyware. Here is the line I propose to add.

"SpyWall is one of the anti-spyware products with a built-in sandbox for the Web browser."

--Jay 1 December 2006

Why would such a statement add value to the article, besides marketing for you guys? —The preceding unsigned comment was added by 155.69.5.236 (talk) 03:59, 8 December 2006 (UTC).


For the same reason other products are mentioned. There is a paragraph about sandbox to protect against spyware and an example or two would be perfectly in line with the rest of the article.

--Jay 8 December 2006

[edit] Adding super antispyware to list of antispyware

Given the general fear of spam links on this page, I thought I discuss this before adding.

First off I'm not associated with antispyware in anyway.

Why add Super antispyware?

  • It has being recently listed on the very well known Spyware warrior site as a trusted program. Incidentally, all the other entries on that list (except pest patrol which is well known for generating false positives) are already on our article.
  • It has a fully functional freeware version

I'm not dead set on adding it, but in my admittedly anecdotal experience, super antispyware can often remove spyware that is resist to windows defender, ad-aware and spybot and hence can be a helpful addition to the arsenal. Aarontay 04:31, 30 September 2006 (UTC)

[edit] Adding other classes of security products as remedies

Would it be a good idea to create a section on the use of other security products (besides Antispyware) as a preventative method?

I'm talking about sandboxing (including full virtualization given the recent interest on Vmware and Virtual PC) and what some call behavior blockers while others call IDS or IDP or more commonly HIPS now that they run on the host systems [ http://netsecurity.about.com/cs/firewallbooks/a/aa050804.htm]. Besides discussing the pros and cons (with references of course), I would add a limited number of examples of such products many well known (by standards of these products which are obviously nowhere as popular as antiviruses) as examples. some will be freeware others not.

I notice that Winpatrol which is kind of like a behavior blocker is already mentioned, though it seems a bit out of place in an article that mentions 100% antispyware programs (of which winpatrol isn't).

Also the spywall guys might get their chance to be entered, if such a section is created... :)

Or should I just create or link to existing wikipedia articles on these 2 subjects?

Aarontay 04:45, 30 September 2006 (UTC)




I agree that it will be great to mention HIPS and sandboxing, but not sure if you need a section for it. HIPS and and sandboxes aim to prevent spyware installation and the "Remedies and prevention" section clearly talks about

"1. real-time protection, which prevents the installation of spyware"

to combat spyware. I think that adding links to HIPS and sandbox while mentioning a few products should be sufficient and not dilute the focus of the article.


Jay 30 September 2006 (UTC)

[edit] External Links

I can understand that external links need to be held and watched for spamming, as I am sure it is a reoccuring problem. However, the list of external links as it stands now is very weak. It is missing quite a few of the top sites for anti-spyware info. I see bleepingcomputers link to their forums there, but not geeks to go, or tech guy, or computer cleanup, why? I'd highly recommend adding some of the top anti-spyware sites, it would make this page a lot more resouceful.

[edit] Out-of-the-blue certification stuff...

From the article...

As a result of his analysis in 2000, Gibson released the first anti-spyware program, OptOut, and many more software-based antidotes have appeared since then.[1] International Charter now offers software developers a Spyware-Free Certification program.[2]

Eeeeeehhhhh.... what the heck? I'm removing the International Charter bit; it's importance is weak in this article and quite inappropriate in this part of the article anyway. If anyone can say this certification is really really really really important, it should probably be integrated better to the article, but right now it comes across as spam... --wwwwolf (barks/growls) 15:03, 3 November 2006 (UTC)

[edit] Fair use valid?

Is the fair use claim on the IE screenshot image really valid? Surely we can get a similar image from an open source browser. Borisblue 00:35, 7 November 2006 (UTC)

Show me an open source browser that is susceptible to spyware. :)
But seriously -- copyright on software doesn't give the copyright holder the right to forbid journalists or encyclopedists from reporting about that software, including screenshots. This is not a controversial instance of fair use -- tech journalists and even ordinary newspapers frequently print screenshots without seeking special license.
Oh, and if you have legal concerns -- I suggest taking them up with the Wikimedia legal counsel. That's what they're for. --FOo 05:12, 7 November 2006 (UTC)
I am not worried about libel trouble. But our mission is to create a "free" encyclopedia. We shouldn't use a copyrighted image if we don't have to. Borisblue 09:13, 7 November 2006 (UTC)
This is nearly paradigmatic fair use. (See Sony v. Bleem, where it was fair use for Bleem to use screenshots of Sony games to advertise its emulator.) The fact that it's necessary to show a particular situation in which infection occurs helps the case further.
It's not fair use if it can be replaced with a free image that fulfills the same function. But I've given up trying to infect my Firefox with spyware, it's just not doable =) Borisblue 04:41, 12 November 2006 (UTC)
Sure it is. There are two ways, via Java applets and XPI downloads. But to date, even those malware only use firefox as a means to infect Internet explorer. Aarontay 06:43, 14 November 2006 (UTC)
Okay the image is clearly fair use and not because you couldn't do the same thing in another browser. Also every image make is copyrighted so the idea the we shouldn't use copyrighted images if we don't have to is silly their are very few interesting turelly uncopyrighted images in existence. Also please remember copyright and fair use are not cut and dried issues their is *a lot* of gray area. First we look how we are using the image, wikipedia is a non-profit educational venture, this simple fact is very much in favor of fair use. Next the amount of IE that you see is very small in that picture and the real important thing about IE is not how it looks but how it works with the user with a screenshot can't even show. Finally the image will have zero impact on the ability of Microsoft to use IE to make money, (people will not be able to use the image as a web browser.) So in conclusion no copyright worries here.Lotu 23:50, 14 November 2006 (UTC)

[edit] Unreferenced?

How did this get approved as an FA, much less allowed on the Main Page, with a big fat blue {{unreferenced}} on one section? Daniel Case 03:16, 12 November 2006 (UTC)

I was wondering the same thing, also there are a LOT of red links. James086 Talk | Contribs 03:49, 12 November 2006 (UTC)
Also the spam tag. Granted, that'd be relatively easy to remove, but still. Crystallina 04:08, 12 November 2006 (UTC)
I don't know either, but it's an shameful embarassment to Wikipedia to have this on the front page. There are a number of factual errors in the article, lots of overlinking, spelling errors, direct external links where internal ones would suffice, a mix of British & American spelling, and the references section is a mishmash of different styles; lots of missing information from those references, too. -/- Warren 05:25, 12 November 2006 (UTC)
I think this article could be improved if we split it into several parts on its own. Each subsection alone is longer than most wikipedia articles. Smaller chunks are also easier to work with and helps though of us patrolling only certain sections. It's also much more manageable, right now it's like everyone who fancies himself an expert on computer security is descending down on this generic article. Not to mention the spammers. Aarontay 13:57, 13 November 2006 (UTC)

So fix it. At the time this article was featured, it did not have so much nonsense all over it. In the months prior to it being featured, I did a lot of work on it ... unfortunately, in my current job I have not had nearly so much free time. Sigh. --FOo 06:10, 12 November 2006 (UTC)

Then you ought to consider whether it should still be an FA. Daniel Case 15:21, 12 November 2006 (UTC)
Agreed. This article is a mess. Aarontay 13:41, 13 November 2006 (UTC)
If it used to be good, and is now a mess, rather than remove it from the FA list, can't we just revert it back to when it was good? Skittle 16:12, 13 November 2006 (UTC)
It was approved in mid-2005. We cannot simply revert it to that edit as there has been new and relevant information added since then. We need to work with what's here. Daniel Case 19:40, 13 November 2006 (UTC)

[edit] "monetary loss"

This Wikipedia entry states, "In an estimate based on customer sent scan logs, Webroot Software, makers of Spy Sweeper, said that 9 out of 10 computers connected to the internet are infected and 86% of those surveyed suffered a monetary loss due to spyware." When http://www.webroot.com/resources/spywareinfo/, the cited source, states: "While 86% U.S. adult Internet users believe that spyware on their computers has caused them to suffer a monetary loss, 2005."

Obviously, people's paranoia can lead them to think they have suffered a monetary loss when they in fact have not. It would be nice to find real evidence of monetary losses, but the entry as it currently is is hearsay so I'm cutting out the "and 86% of those surveyed suffered a monetary loss due to spyware" Rip-Saw 05:34, 12 November 2006 (UTC)

First off, it its difficult to say what constitutes a "monetary loss". When you consider that the recording industry claims a monetary loss of thousands of dollars when a teenager copies a single audio track, it should be clear that there's a habit of exaggerating such numbers.
But, that said, what does constitute a monetary loss? If I am a Windows user and, out of concern over spyware, spend money on anti-spyware software, then is it reasonable to call my expense a "monetary loss" due to spyware? Maybe; maybe not.
The 90% figure, I think, is exaggerated. Somewhere upwards of 5% of desktop computers are not running Windows at all -- the last figures I heard were 4% Mac OS X and something upwards of 1% Linux. Those machines are categorically not affected by today's spyware, which is purely a Windows phenomenon. (Not that it's necessarily that way -- but so far, it has been.) And I suspect that more than 2.5% of Windows users are sufficiently knowledgeable or lucky to keep their computers clean. This by itself would refute the 90% figure. --FOo 06:08, 12 November 2006 (UTC)

[edit] Readability of Article

I have recommended the Wikipedia website to my students, who are aged 16-19, for research purposes, however they have struggled to understand some of the articles. This is mainly due to the complexity of the language used. The readability score of the article is 12.99, which is the years of education needed to be able to understand this article on first reading, thus rendering it accessible only to those who have had a university education. The article could be improved by reducing the length of the sentences, reducing the length of the paragraphs and replacing difficult words with more commonly used ones which would make the article more accessible to a wider and perhaps younger audience. Would any of the editors be prepared to review the article to make it easier to read and thus more accessible to more users? Sarahhcfe 14:28, 12 November 2006 (UTC)

There's a special version of wikipedia written for those whose grasp of english is shaky. The articles are much easier to read, relying on simple vocabulary and grammatical constructs. Go to "simple.wikipedia.org". yandman 17:38, 12 November 2006 (UTC)
I'm not sure you understand what she meant. Having begun a serious round of proofing and copyediting a hard-copy of this last night, I see she has a point. It is tortously written, belaboring many of its points, explaining far too much and wordier than it needs to be. It may have assessed at college level, but it reads like a tenth-grade paper (and a firm C one at that). Daniel Case 14:11, 14 November 2006 (UTC)

[edit] Remove the Weatherbug From Spyware List

I think the Weatherbug should be removed from the list of having spyware list because it the program is certified by TestPros [10] Red1530 15:32, 12 November 2006 (UTC)

Sorry, mate! Any bug has to be treated as bad thing in the computer business! 201.19.180.73 16:53, 12 November 2006 (UTC)
Weatherbug is the name of the program and according to TestPros it's not spyware. Check the site for yourself. Red1530 17:14, 12 November 2006 (UTC)
It would be better to post a link to TestPros' page explaining the tests they made with Weatherbug. 201.19.195.27 04:20, 13 November 2006 (UTC)
I got the link right here and also the page on the Weatherbug site Red1530 18:23, 19 November 2006 (UTC)
Weatherbug is NOT spyware -> Take notice that Spyware Guide lists 3 similar weather software and you don't find WeatherBug among them. For those among you that don't know yet, "Spyware Guide" is the most respected company in malware related stuff. It seems that a lot of people is interested to see WeatherBug's name tarnished, and most probably the troubles imputed to it were not caused by WeatherBug, but by the 3 malware listed in Spyware Guide. Thanks. 201.19.188.39 20:37, 2 December 2006 (UTC)

[edit] lacking sources?

why tagged as lacking sources? Looks well referenced to me... --24.216.66.133 20:07, 12 November 2006 (UTC)

[edit] Security precautions

I know this sounds like a non NPOV argument, but what about actual computer science arguments being included? Examples such as permissions systems (restricting privileges to what you need). Running only trusted software, MD5 style key verification, safe package repositories, disabling unnecessary features in trusted software etc. This fails to be mentioned in the article and as such i find this article misleading.

Perhaps mentioning that this (and here i am walking into dangerous rant territory) "need" for home software users to install software without verification of its integrity. Mentioning that the majority of non-MS operating systems, especially those that have safe package repositories, don't suffer from spyware to anyware the extent of MS platforms.

This seems like a considerable oversight, but apologies for the tone of my comments, i just feel that this should be included somewhere, to make people aware that spyware is not just a natural phenomena of computing, but rather a product of careless execution of non trustworthy (either due to bugs, overly aggressive code or due to malicious intent). This article seems a little "mainstream popularist" in that regard, with insufficient encyclopedic analysis. 129.78.208.4 22:16, 12 November 2006 (UTC)

[edit] Featured article

How can this be a featured article when it has this tag "This section does not cite its references or sources" on it? --MNAdam 23:03, 12 November 2006 (UTC)

Very strange, isn't it? Not only "featured article", but "featured aticle of the day". Methinks Raul's computer must have been infected one day... yandman 09:04, 13 November 2006 (UTC)

[edit] Featured article review

User:Daniel Case opened a featured article review (FAR) which contained some concerns that this article does not meet the FA criteria (WP:WIAFA). I have closed the review for now because it is common practice to allow some time to articles recently featured on the main page before nominating for FAR. The reasons for this are: to allow time for the article to stabilize, and to allow for concerns to be resolved on the talk page. Joelito (talk) 14:07, 13 November 2006 (UTC)

Here are the comments of the FAR nomination:

This article's recent turn on the Main Page led to a number of negative comments on the talk page about a number of deficiencies that should have given us pause in doing so: one whole section tagged with {{unreferenced}}, spelling errors, redlinks, and what some are calling factual errors in the article itself. IMO, when an article about something doesn't even provide a citation for the origin of the term when it seems that one should exist, it belongs here and not on the Main Page.

It was approved over a year ago; the editor who guided it to that approval said he had not been able to do much work on it since that approval, and that was when it got degraded.

Can it be saved?Daniel Case 05:22, 13 November 2006 (UTC)

I will revisit this article in a week (November 20) and see if these concerns have begun to be addressed. If not, I will reopen the review then. (I would try to fix it myself but a) I'm extremely busy both on and offline and b) more to the point, it's not my area of expertise and I think it will need a lot of work). Daniel Case 15:09, 13 November 2006 (UTC)
OK, I'll try to at least print it out and do a full copyedit. It could use at least that. Daniel Case 19:41, 13 November 2006 (UTC)
Why not have articles go through a FAR before they appear on the main page? --MNAdam 21:14, 13 November 2006 (UTC)
Typically, articles go on the main page shortly after being promoted. In this case, it had been over a year.
This is, to some extent, my fault. I had looked it over before it went on the Main Page and I should have registered an objection at WP:TOFA (that's what it's there for). That's what should be done instead of FAR. Daniel Case 13:47, 14 November 2006 (UTC)

[edit] Thanksgiving copyedit

I have taken advantage of the US holiday to sit down and implement many of the corrections I had scawled in red pen across my printout, and then some. I shaved off about 5K from the article in text edits alone ... a sign of serious bloat. I got rid of the entire two grafs musing about how spyware EULAs might be unenforceable because it was pure speculation. I trimmed the cutlines. I got rid of many instances of information needlessly restated and the pedantic passages explaining concepts best left to the articles on them.

And still, I think it should be reviewed. There are even more sentences flagged as unsourced than before. We also have an NPOV section ... I've contacted the original tagger to explain what he meant (probably some dispute over whether the software in that section can objectively be likened to spyware).

I will see what changes get made by Sunday (two weeks from the main page). Daniel Case 02:08, 24 November 2006 (UTC)

[edit] Watch out how you post links

I removed a link from this page while reading it. The link went to a potential pest site rather than (presumably) to a description of the pest. As this site was one mentioned for drive-by isntallations, this seemed a little unwise, even if any current threat had been removed.—The preceding unsigned comment was added by GhostDancer (talk • contribs).

[edit] Good idea to split into smaller articles?

Does anyone think it is a good idea to split the article into small more manageable chunks? The remedies and presentation can be a completely new article for instance. Particularly the listing of security software. Aarontay 06:49, 14 November 2006 (UTC)

We could definitely spin off some lists here. Daniel Case 20:58, 30 November 2006 (UTC)

[edit] Notable programs distributed with spyware

I recently had a lot od problems after downnloading Bearshare, a Peer2peer file sharing programme. A couple of people told me that this is because it comes bundled with spyware. Sure enough, a cleaner I use always wanted to remove Zango, which was part of Bearshare, and Kazaa, which also seemed to be. Can anyone verify this or provide links? If so, should be added. raining_girl 20:21, 14 November 2006 (UTC)

[edit] Vanity Posting by Product Vendor

Anonymous user 206.113.202.2 keeps adding links to iS3's STOPzilla. It doesn't take much digging to discover that this IP address is registered to... iS3. Please watch out for his guy turning the article into an advertisement. I'm sure there is a legitimate place to mention STOPZilla, but prominent placing inserted anonymously (and repeatedly - it's been removed more than once) isn't it. Steve 09:13, 28 November 2006 (UTC)

Yes, very pesky. Out of curiosity I just did a Google for stopzilla site:wikipedia.org
and turned up some others, but it looks like you know about these already. --CliffC 17:15, 28 November 2006 (UTC)
This Stopzilla guy is just one of the many others repeatedly spamming the Anti-spyware program section. Personally, I would strip out all the entries in there except historically significant ones which means Optout (started this whole business), Ad-aware (successor of Optout) and Spybot (released at the same time as ad-aware) plus Windows Defender (for obvious reasons). The rest, no matter how well known (e.g Sunbelt's Counterspy, Spysweeper, spyware doctor) will be moved to a another list on another page. All the spammers can happily spam that list to their's heart's content. --Aarontay 10:23, 6 December 2006 (UTC)

[edit] HOSTS File doesn't work that way

Just a comment about this paragraph:

"Some users install a large hosts file which prevents the user's computer from connecting to known spyware related web addresses. However, by connecting to the numeric IP address, rather than the domain name, spyware may bypass this sort of protection."

The HOSTS file is a tool that can replace or override DNS resolution. This means that when a computer looks up an internet name (such as "www.spywareInstallerSite.com") the machine looks in the HOSTS file before it requests an IP address lookup from the DNS server. In this case if the web address had been added to the HOSTS file with a dummy IP address the computer would be unable to locate the server and the request for the site would fail. It does not matter if the site changed its IP address once per day, it would never resolve to anything but the dummy IP address set in the HOSTS file on that computer.

This can be verified by adding the following entry to your HOSTS file (on XP "C:\WINDOWS\system32\drivers\etc\HOSTS"):

1.2.3.4 www.google.com

Save as "HOSTS" not as a text file (by default Notepad.exe will want to save it as a text file)

Now try to browse to or ping "www.google.com" You will find that this site is now dead, it cannot be reached. It does not matter what IP address is actually associated with the site, you will not resolve to any address other than 1.2.3.4, which is not google. (now remove the entry from your HOSTS file).

Many malware cleanup programs set your HOSTS file to Read-Only to prevent Malware from using it to redirect a user's attempt to remove the malware. I have seen hosts files overwritten with dummy entries for just about every antivirus, anti-malware and removal tool site.

So your concern is not that the Spyware may bypass them, but that the Spyware would overwrite your changes and disable websites that would allow you to remove said Spyware. Cliffordwagner 13:57, 11 December 2006 (UTC)