Malware Information

What Exactly is Malware?

Malware is any unwanted, malicious software including Spyware, Adware, and Viruses. Malware programs often tag along with free software and file-sharing programs which you have downloaded and, without your knowledge or consent, end up installed on your computer. Malware can also come from "infected" websites.

Spyware is software which gathers information about you by recording keystrokes like passwords, credit-card information, and e-mail addresses. Spyware also logs online buying habits, computer hardware, and software configuration. Adware often downloads with Spyware in the form of advertisements - by way of pop-up windows, ad banners, or ad-supported software. As if this isn't bad enough, malware can interrupt your network connection, slow down the performance of your computer, prevent legitimate software from working properly, or even prevent your machine from starting up.

Who Are The Main Purveyors of Malware?

A number of systems on the Lawrence campus running Microsoft Windows have been infected with spyware distributed by a company called Marketscore. This malicious software directs all your Web traffic through the marketing company's servers, allowing them to view any information you send or receive through your browser. To protect campus systems against further spread of this threat, we have blocked connections from our network to the spyware's home servers. If your ability to view certain websites on the Internet has changed, it may be because you were infected with this spyware.

Peer-to-peer (P2P) file sharing programs are some of the biggest Malware-spreading culprits. It is best to assume that all P2P programs have malware bundled with them. Below is a list of potentially infected, free, P2P software programs which you may wish to remove from your computer:

An Important Note About File Sharing
Lawrence is committed to taking reasonable steps to avoid misuse of its campus network, including use of the campus network to violate the Copyright Law of the United States. Please see Filesharing and You.

New Approach To Malware

Until recently, Malware detection was only possible by scanning for infections after they had been downloaded. There is now Malware-detection software which constantly scans incoming files for potential Spyware and Adware. Two currently-available, free Malware scanners include Spybot Search & Destroy and Lavasoft Ad-Aware.

Spybot Search And Destroy
This is a free utility that can locate and remove spyware or adware on a Windows computer. We strongly recommend using this program in conjunction with Lavasoft's Ad-Aware on your personal computers. Both are free.

1. Download Spybot at http://www.safer-networking.org/en/index.html
2. Double-click on the downloaded file and follow the instructions on the screen to install the program.
3. Start Spybot, Start - Programs - Spybot - Search & Destroy.
4. Click Check for Updates and wait while Spybot installs any new updates.
5. Click Immunize and wait as Spybot adds the updates to the software.
6. Click Check for Problems and wait while Spybot scans your computer.
7. When Spybot finishes scanning, it will show you the items it found.
8. Choose the items you wish to remove. Note, you can get more information about each by clicking on the item.
9. Click the Fix Selected Problems button.
10. Click Yes in the confirmation box.
11. When the program is finished, close the program.

Lavasoft's Ad-Aware
Lavasoft's Ad-Aware is designed to provide advanced protection for Windows computers from known data-mining, aggressive advertising, parasites, scumware, selected traditional trojans, dialers, malware, browser hijackers, and tracking components.

1. Download Ad-Aware at http://www.lavasoftusa.com/support/download/
2. Double-click on the downloaded file and follow the instructions to install the program.
3. Start Ad-Aware, Start-Programs-Lavasoft Ad-aware.
4. Under Sections to Scan on the left, check the “My Computer” box, then uncheck the boxes for any removable drives.
5. Click Scan Now.
6. When Ad-aware finishes scanning it will tell you how many items it found. Click the Continue button.
7. Right-click in the Detected components window and choose Check All. Click the Continue button.
8. Click OK in the Confirmation box. Click OK when finished and close programs.

Updating Antivirus Software

If your personally-owned computer is still acting strange after you have followed the above recommendations, it could also be infected with a virus. It is very important to keep your antivirus software and virus definitions current. All Lawrence University-owned desktop computer systems have antivirus software installed and updated on a regular basis. Students with personal computers on the network are required to have antivirus software installed and may download a Lawrence-provided (free) antivirus software program.

To update your personal antivirus software:

1. Use your antivirus software program's automatic update feature to update virus definitions, or go to the manufacture's website to download and install updates.
2. After installing an update, start the antivirus program and run a complete scan of all files on your hard drive(s), including sub folders and compressed files. Lawrence scans your network space, so it is not necessary to scan that area.
3. If any viruses are found, use the antivirus software to clean them, delete them, or quarantine them. If the antivirus software reports that it cannot clean a file, write down the file name and contact the Helpdesk at 832-6570 for assistance.

If your computer is found to be interfering with the network or spreading viruses, it will be disconnected from the LU network. Please contact the Helpdesk with questions or concerns.

Lawrence University, PO Box 599, Appleton, WI 54912 (920) 832-7000 Contact Lawrence