Subscribe to Tech News

Article Archive: Troubleshooting

The Spware Battle Rages On


written by Jason Hutchins
Tech News Staff Writer

At best, Spyware consumes resources and slows down your computer. At worst; Spyware is a conduit that downloads Trojans, Keyloggers, and Viruses to your computer without your knowledge.

The term 'Spyware' covers a broad spectrum from often harmless Adware (advertisements) that report your web usage for advertisement purposes to Malware (malicious applications) intended to harm your PC for profit or fun.

A recent report from the Department of Computer Science & Engineering at the University of Washington found that in a sample of over 2,500 domains, 4.4% had infected Spyware executables. While many were annoying but relatively harmless, an alarming 13% of Spyware from the study were designed to download Trojans to the infected computer.

Once present, Trojans present risk to not only the users' machine, but to the entire organizational network. Proper removal typically requires quick research on the particular infection to select the appropriate removal process and, in certain instances, may require the computer drives to be formatted, essentially re-building the PC for the user. 		 
Spyware FunctionNumbers exceed 100% because many Spyware installs have multiple purposes.
Source: Department of Computer Science & Engineering, University of Washington


How does it get there?
 Spyware applications are often installed on a user's PC without his/her knowledge by being bundled with freeware or shareware applications. Common culprits are sites that provide 'free' screensavers, wallpaper, and games that are bundled with Spyware. Sometimes these sites even advertise free Spyware removal tools!

Alternatively, applications can be installed without consent through browser vulnerabilities that permit automatic 'drive-by' downloads simply by visiting a site. Often Spyware includes code used to gather and transmit information about a user's online activity/behavior to a third party. This statistical data can be used harmlessly for targeted marketing purposes. However, in an ever growing number of cases, the intent is to report to an external organization particular vulnerabilities that exist on a specific computer - allowing future contact for harm.

 

Definitions
Spware
Trojan Horse
Malware
Adware

Spyware Study-PDF
A Crawler-based Study of Spyware on the Web
This 17 page PDF report was recently published online by the Department of Computer Science & Engineering from the University of Washington

Cyberthieves Silently Copy as You Type
NY Times Feb 27, 06. (Free Subscription may be required)

AOL/NCSA Online Safety Study
PDF Report - A December 2005 study by America Online and the National Cyber Security Alliance found that 60 percent of PCs were infected by some form of Spyware.

Spyware Triples During 2005
InformationWeek: Spyware tripled during 2005, became ever-more sophisticated and stealthy, and attached itself to U.S. computers at rates above any other country, a security company says.

Editors' Note: Tech News does not endorse any particular software provider listed in this article.

  

Many nonprofits have a high Spyware risk.
 From a cultural standpoint, many nonprofits have 'high-risk' computing environments.
  • Networks without a proper domain login process or those without dedicated onsite IT staff often allow individual users to be the administrator of their computer allowing them to install software.

    While convenient for nonprofits without a dedicated IT staff, software installation rights can be abused without a user's knowledge. Domain controllers allow nonprofits to implement group policies that restrict access to harmful sites and limit a user's ability to unknowingly place the network (data) at risk.

  • Computer Labs often service many clients but are connected to the main organizational network.

    Many agencies running computer labs are struggling to keep up with the maintenance on these high-risk machines. A modest project would be to contain your computer lab on a separate network providing an effective quarantine for the organization as a whole, resulting in fewer sleepless nights for IT staff.

  • Often several part-time staff members or volunteers share a computer.

    These computers provide similar vulnerabilities as the computer lab but usually need to run on your network and access shared server folders and email. These client computers can be protected by limiting user privileges to their lowest level and watching them more closely during maintenance sweeps.


    How to get rid of it.
     Even without harmful Trojans, Spyware slows down client computers by consuming memory, bandwidth, and processing power so it is always best to limit and remove as many 'unharmful' instances as possible.

    Despite the enormous growth in tools to remove unwanted elements from computer workstations, it is common to utilize multiple tools to complete the task. In this sense, your protection is often a layered approach. For instance, Symantec Virus protection on the client computer may locate a Trojan but the infection may be sophisticated enough to encumber Symantec's ability to remove or quarantine the bug. However, armed with information about the problem, you can conduct some research to learn more about how it operates and how to remove it.


    Adaware

    Pictured above is a free adware remover from Lavasoft         		  Top 5 AntiSpyware recommendations from ConsumerReports.Org

    Microsoft AntiSpyware (free)
    Webroot Spy Sweeper (free)
    Computer Associates eTrust PestPatrol
    Spybot Search & Destroy (free)
    Ad-Aware SE Plus