Adware covers programs designed to display advertisements (usually in the form of banners), redirect search requests to advertising websites, and collect marketing-type data about the user (e.g. which types of websites s/he visits) in order to display customized advertising on the computer.
Other than displaying advertisements and collecting data, these types of program generally do not make their presence in the system known: there will be no signs of the program in the system tray, and no indication in the program menu that files have been installed. Often, Adware programs do not have any uninstall procedures and use technologies which border on virus technology to help the program stealthily penetrate the computer and run unnoticed. Penetration
There are two main ways in which Adware gets onto a user’s computer:
it is built-in to some freeware and shareware programs
The main purpose of Adware spread via the first method is to extract a type of payment for the software by showing advertisements to the user (the parties who make the advertisements pay the advertising agency, and the advertising agency pays the Adware developer). Adware also helps cut expenses for software developers (revenue from Adware encourages them to write new programs and improve existing ones), and it helps cut costs for users, too.
Hacker technologies are often used when advertising components are installed on a user’s computer following a visit to an infected website. For instance, the computer can be penetrated via a browser vulnerability and Trojans designed to stealthily install (Trojan-Downloader or Trojan-Dropper) can be used. Adware programs that work in this way are often called Browser Hijackers.
There are two main ways in which advertising is shown to the user:
by downloading advertising text and images to a computer from web or FTP servers owned by the advertiser
In addition to displaying advertisements, many advertising systems also collect data about the computer and the user, such as:
the computer’s IP address
If Adware does not notify the user that it is gathering information, then it is classified as a malicious program (Malware), specifically covered by the Trojan-Spy behaviour.