What
is spyware?
The writers of the Lavasoft webpage said it best, "While the Internet is a powerful resource and provides users with many useful and often entertaining things to see and do, it also has its dark side."
Most people are familiar with freeware, shareware, cookies, media players, interactive content, and file sharing. What they may not realize is that some of the aforementioned may contain code or components that allow the developers of these applications and tools to actually collect and disseminate information about those using them.
They can track your surfing habits, abuse your Internet connection by sending this data to a third party, profile your shopping preferences, hijack your browser start page or pages, alter important system files, and can do this without your knowledge or permission. The security and privacy implications of these exploits should be quite obvious and undesirable on any system or network!
In layman’s terms spyware is software that “sneaks” onto your computer and records every thing you do on the Internet. It records what websites you go to, what adds you click on, what you purchase, and in some cases it may record your credit card numbers, home address, as well as other personal information. Unfortunately the problem is worse than it seems. At this time this software is not only legal but is accepted as the “primary business model of the Web.”
Imagine if you went to the mall and, as you walked in, a group of people started following you around recording every store you went in, everything you purchased, what you used to make the purchases, and then followed you home. Then the next day this group of people called all their friends that sold products similar to what you purchased and invited them over to your house to barter their wares. Imagine if locked doors and security systems couldn’t keep them out. That is essentially what spyware does.
Are you infected?
-
Getting a lot of spam mail?
-
Been linked to a website that you didn’t expect?
-
Having problems with pop-ups?
-
Had your homepage change unexpectedly and without asking you?
-
Notice a lot of ads on the web that have your name and possibly other personal information on them?
If you answered yes
to any of these questions then you are likely infected.
How does spyware “sneak” in?
Generally, all it takes
is to visit a website that has a spyware “bug” programmed into the code. These
“bugs” are little pieces of code that install spyware programs or create cookies
(a file that may contain personal data about you and what you do on
the web) with or without informing you. Sometimes, however, spyware simply
lures you in with promises of good deals or free merchandise and you install
it yourself.
What are some examples or spyware?
The most common that we have found here at LSUHSC-S are Gator, Gain, Precision Time, Date Manager, and Hotbar. Gator is a web tool that stores the information you use in online forms to “help you fill them out more quickly,” but what it really does is take that information and sell it to advertisers. Gain records data about you as you surf the web and uses that data to determine what products you would be interested in, and then pops up advertisements for companies that have paid them to collect the data. Precision Time seems like a harmless program that keeps your computers clock set to the correct time. What it actually does is store information about you much the same as Gain and Gator. Date Manager allows you to schedule important dates and receive reminders when the time has come. It also stores and sends personal information of course. All four of these programs are distributed by the same company, Gator, and will install each other if you chose to install one. Hotbar is one of the newest spyware programs. Most commonly known for allowing you to send colorful email and/or customize the appearance of Internet Explorer, this is also a data miner (software that stores personal information) that sells your personal information to advertisers. Just about every computer we work on here has one if not all of these programs installed. And these are the ones that are easy to find.
What else can spyware do?
One of the most notable issues with spyware, other than collecting personal data, is the fact that it “phones home” so to speak. After spyware has collected information about you it will send that information back to the programs producer. This is done using your Internet connection. Ever notice your computer sending/receiving data across the network when it should have been sitting idle? If you have enough spyware, it can severely limit the speed at which you can connect and use the Internet. Another problem is the instability of these programs. Has your computer started to crash when you are surfing the web, or does it lock up when you are reading your email sometimes? The problem could be spyware. Often this is the first indication that you have spyware installed.
How do I get rid of it?
This has been the talk of the town as far as Internet based security is concerned. Currently, there are several products on the market for the removal of spyware. We have used two on several machines at LSUHSC-S; Lavasoft’s Ad-ware and PepiMK Software's Spybot. We suggest that you use both.
To install and use Lavasoft’s Ad-ware click on the link for our server (\\sh-csrv1\Guest\Utilities\Spyware-detect) and then the adware and 6.0 folders. Now double click on the file aaw6.exe and follow the instructions to install.
To run the software, click
on the icon it placed on your desktop 
and it will start the program, which should look
like this:
After updating, click the start button:
Click next to start the scan. It will look something like this:
It will take a while to finish the scan, but when finished it will look something like this:
Then, all you need to do is check the objects you want to remove and click next. It will prompt you before removing files:
From there you click OK and it will remove the objects you selected.
For Spybot, you go to the same server as above and click on the spybot folder and then double-click the spybotsd13.exe file. During installation you have the option to create a shortcut on your desktop and in the quick launch toolbar. You may want to deselect both. After it is installed, run the program by clicking Start, clicking Programs, clicking Spybot-Search and Destroy, and then SpybotS&D-Advanced. It should look something like this:
As with Ad-ware you should update before running every time. Click on “Search for updates” and then the “Search for Updates” button in the screen below:
When it is finished, check the updates you want to apply and click “Download Updates.” Now to start the scan, click on “Search & Destroy” on the left, then click on “Check for Problems” as encircled below:
This will start a scan, and as problems are found they will be listed:
When finished, the “Fix selected problems” button while become active. Spybot behaves a bit differently than Adware. It scans for spyware and spyware-like activity as apposed to just the spyware like Adware. Because of this, it will find some things they may not be spyware, but behaves in a similar manor. It will leave these items unchecked, and we suggest you not check them. If, in the future, they are determined to be spyware, they will be listed as such in the next update and will be checked with the next scan.
Running these two scans will keep the spyware to a minimum, but paying closer attention to what you click on and what sites you visit will have a greater impact.
As stated before, right now spyware is legal, but there will be a Federal Trade Commission hearing about this very subject soon. If you want to help the cause by submitting a complaint against one of these spyware producers, go to the FTC site and follow the File a Complaint Online link.
Links with information on spyware and removal tools:
http://www.simplythebest.net/info/spyware.html