Parasites in Windows

People who run businesses on the internet are being assaulted by 'parasite' Windows programs that silently divert money from legitimate e-commerce. These parasites are quietly loaded when you install an ordinary program or 'carrier'.

Imagine an insect had bored a hole in the wall of your bank and was draining your bank account, $5 at a time.

People who run businesses on the internet feel that way these days. They're being assaulted by "parasite" Windows programs that silently divert money from legitimate e-commerce.

These small programs aren't computer viruses that replicate themselves. Instead, parasites are quietly loaded when you install an ordinary program or "carrier". The New York Times made waves recently when it said the music-sharing programs Kazaa, Morpheus, LimeWire and others had shared more than just tunes by installing parasites on millions of PCs.

Here's what these "shopping plug-ins" do:

Fake commissions. Internet businesses typically pay a commission of 5% or so to smaller, "affiliate" websites that send shoppers who buy something. But when a PC user infected by a parasite visits an e-business, the parasite inserts a code that routes a commission to its carrier, even though it did nothing to refer the visitor. This has been shown to suck countless dollars from Dell.com, Buy.com, OfficeMax.com, Staples.com and many other sites (see Speedy3D.com).

Steal earnings. In some cases, a parasite detects that a user is clicking an affiliate's link to an e-tailer. The parasite deletes the affiliate's code and inserts its carrier's code, stealing the small site's revenue (see CounterExploitation).

While this problem siphons money from legitimate businesses, here my main concern is with the way parasites -- and older pop-up programs called "adware" -- make your PC less reliable and more crash-prone:

Rude install. If you click Cancel while installing a carrier program, some parasiteware silently installs itself anyway (see Accs-Net).

Firewall-hostile. Your firewall may prevent a parasite from exploiting your internet connection. If so, some malware starts trying to connect 10 times a second, then tries using Telnet and other ports (see Catless).

Lockouts. After finding that your browser's Start Page and Favorites have been changed by a parasite, you may try to turn off the little bugger. Then you discover that it has disabled your Internet Options dialogue box and your Registry Editor (see SpywareInfo).

No access. After you delete some parasites, your internet access is effectively broken, and you can't connect (CounterExploitation).

Next week I'll describe ways to detect and safely remove parasites.

Send tips to contributing editor, Livingston. He regrets that he cannot answer individual questions. Send letters for publication in Computerworld to Computerworld Letters.

Join the newsletter!

Error: Please check your email address.

Tags Window Manager

More about Buy.comDellLivingstonMorpheusOfficeMaxStaplesTelnet

Show Comments

Market Place

[]