Is Spyware now a threat much common than Trojan?

Discussion in 'other anti-malware software' started by iwod, Dec 27, 2004.

Thread Status:
Not open for further replies.
  1. iwod

    iwod Registered Member

    Joined:
    Jun 25, 2004
    Posts:
    708
    I am getting the idea that new Spyware is now poping out from no where and is more messy than Trojan/Virus.

    What do you think?

    And Any good Spyware / Adware Resident Monitor?
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi iwod, Spyware is becoming much more clever than simple viruses & Trojans as far as I can see. :(

    One of the main reasons for this is that a lot of the time uneducated or naive users will click yes to everything they see on the Internet thus giving permission for larger and more dangerous payloads to be installed on their machines.
    Also many users do not realise that browser default settings, quite often, allow spyware to be installed automatically

    In both scenarios these infections include and are not limited to trackers, keyloggers, diallers, bots, worms & RATs. - Once installed, many of these can phone home and download more malware thus enabling them to infect and spread in many different ways.

    I notice some of the latest spyware can also install as a service. How long will it be before rootkits are part of the payload? I dread the thought!

    Unfortunately no single security program can cover all of these bases mentioned, so a layered defence is becoming more and more necessary nowadays.

    To name few AntiSpyware programs that include some form of resident protection try AdAware Pro (AdWatch), Spy Bot S&D (teatimer), SpySweeper, Giant AS, SpywareGuard & Spyblocker.

    Pilli
     
  3. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    I just wonder how long it is going to take for the spyware/adware companies to recognize that they are doing a disservice to licensed users when these reputable companies go 5-10+ days between updates.

    I get very annoyed at those companies that charge an annual update fee and then do not provide timely updates for the spyware/adware definitions. :p Users should start contacting these companies routinely when they fail to update frequently. JMO :mad:
     
  4. Ronin

    Ronin Guest

    Well ad-ware for sure is designed to be harder to remove. Trojans (backdoors,rootkits etc) are designed to work silently, their defence is being hidden.

    For ad-ware to work, it has to be "in your face", as such it has to be very very tough to remove. Otherwise any tom, dick or Harry could remove it. Heck these days it has to be resistant to any Tom , Dick or Harry with HJT even.
     
  5. iwod

    iwod Registered Member

    Joined:
    Jun 25, 2004
    Posts:
    708
    Now i am getting all confuse.........

    I suppose when you said your browser default allow Spyware Auto install itself, click yes etc... was directing at I.E, So in theory Firefox user without Active X support elinimate 90% of this problem?

    You suggested that Spyware is trackers, keyloggers, diallers, bots, worms & RATs. But does Spyware include trojan?

    Now adways there are too many protectoin program. For all sort of purpose. And is very Confusing. Giant, For example name itself as Anti Spyware but also offer protection of Trojan and worm.

    Virus Program name most of these "threat" as a generic term Virus. However apart from KAV i don't see any AV that is a full blown protection for Worm and keylogger... etc

    The word Adware.......... what is it? And so What is Spyware? Doesn't Trojan now get a bit mixed with Worms? And which Catagory of Software ( i.e AT, AS or Anti - Adware ) Should protect us against keylogger? Another sub catagory for AK?

    So for example, Would TDS provide enough protection for Spyware? Or would i need to work with Worm Guard, Now... how about Keylogger Guard? And how many little things do i need in tray icon to be enough protection?

    I mean.... why can't a product just tell me. It protect me from Keylooger,, Trojan..... instead of such generic term Spyware. Honestly....... someday a company would come up with something such as anti threat.
     
  6. bigbuck

    bigbuck Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    4,877
    Location:
    Qld, Aus
  7. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    RAT = Remote Access Trojans but yes all typesw of Trojans can be downloaded with spyware.

    Nope I doubt one company will come up with an all in "Anti threat" mainly because many of these malwares require specialist treatment.
    IMHO If such an all program was made then it would be a very big target for the crackers and hackers and would be broken within days.
    A layered defence is still your best bet.

    BTW ProcessGuard will stop many malware programs from even starting without user permission, PG stops keyloggers dead and all without using any daily updates ;) Prevention is far better than cure.

    Pilli
     
  8. bigbuck

    bigbuck Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    4,877
    Location:
    Qld, Aus
    Maybe a good system image on a backup HDD?
     
  9. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Yep, All part of a layered defence :) I use First defence for a secondary snapshot, which is much quicker to use whilst Beta resting etc. and also do a Weekly Ghost image to another hard disk if the sh*t really hits the fan ;)

    Cheers. Pilli
     
  10. bigbuck

    bigbuck Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    4,877
    Location:
    Qld, Aus
    Yep....that's my method! Beats system restore!!!!
     
  11. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    One day we can't browse on the net without fear...

    And a fast computer, becames low because all the programs that we have to install to protect us...
     
  12. bigbuck

    bigbuck Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    4,877
    Location:
    Qld, Aus
    it's a jungle out there!!!
     
  13. Ronin

    Ronin Guest

    At one point in time, it was so common for malware to exploit ActiveX to install that a new name was coined for them "ActiveX driveby downloads".
    So yes with firefox you will be protected from that class of malware.

    Spyware in my view is a very vague term. It's arguable whether something is spying or not. This can be seen at the FTC workshop a while back where people struggled to define their software as merely adware and not spyware, A keylogger for sure is spying. What about adware that merely tracks your browsing activities and then customises Ads (Opera free), does it matter if it doesnt keep records? Or if it only "Aggregates statistics by demographics"?

    A keylogger, dialer, backdoor, browser hijacker, and to a lesser extent rootkit is much clear in terms of defintion.

    I think this is very important. Most users are very confused on whether their software protect them from "spyware". Spyware in what sense? In the adwareish type ? Sure Spybot S&D does it. But if we are talking about keyloggers and backdoors, RATs etc probably not.

    See what I mean?

    The problem is these days the categories are not that distinct. You have worms that drops user rootkits, worms that drops adware and spambots etc.

    Here's how I understand them.

    Virus/Worm/Trojan - This is mainly concerned with the mode of propogation. There is one other mode of propogation via browser exploits that might or might not be considered a worm.

    Then there is classifying malware by function

    Adware (sub classes exist under this)/Keylogger/Backdoor/RAT/dialers (generally classed under adware)/ (Kernal-user rootkits are probably classed under Backdoors and RATS) etc.

    In my view, malware that fall into the category of worms or viruses (and to lesser extent those that spread via exploits) are of less concern, since they spread fast and are quickly added to the signature datbases of most decent AV scanners.

    Those that act as trojans, are more dangerous, since they are less likely to be detected by the normal scanners, it's your choice whether you want to get specialised software to detect them, but the consolation is that trojans cant hurt you unless you run them.
     
  14. iwod

    iwod Registered Member

    Joined:
    Jun 25, 2004
    Posts:
    708
  15. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    I believe there is a very good explanation posted already to your question in that thread. ;)



    snowbound
     
  16. Jimbob1989

    Jimbob1989 Registered Member

    Joined:
    Oct 18, 2004
    Posts:
    2,529
    One could argue that the best idea would be to prevent the problem instead of clearing up after it.

    Jimbob
     
  17. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Jimbob, This has already been stated :)
    Post 7 of this thread :)
     
  18. scott lang

    scott lang Registered Member

    Joined:
    Oct 20, 2004
    Posts:
    211
    Location:
    claremore,ok
    spyware is kinda like a trojan in some ways. it sometimes hides in the prg you get and upon opening or installing then bamm there it is. sometimes they ask you when installing if ya want it, but mostly they just slap themselves to home without you knowing it. they wrap it up in a kinda prg shell that sometimes even the best detector prgs cant see until its to late.
     
  19. Jimbob1989

    Jimbob1989 Registered Member

    Joined:
    Oct 18, 2004
    Posts:
    2,529
    You could also say it shares some characteristics with adware.

    Jimbob
     
  20. iwod

    iwod Registered Member

    Joined:
    Jun 25, 2004
    Posts:
    708
    Sorry i must be very very stupid........

    But on topc of the thread we said Spyware was a vague term. And we said that it pretty much is a combination of trackers, keyloggers, diallers, bots, worms & RATs.

    So does spywareguard guard against all this? I mean there is nothing wrong with the reply about SpywareGuard. But just someone could change the quoted answer and replace the word spyware with something else more specific. As i can't find much infomation on "Spyware Prevention"

    So how does Spyware Guard play Against Teatimer?

    I know you all say layered defense is good. So i should have no problem with Spywareguard, Just use it and it doesn't hurt. But the problem is i don't have infinite Ram and i want to know what i am putting on my computer.

    Honestly i always thought Spyware Guard was only to prevent Active X malware download and Broswer Hijack. Since every company has a different dinfinition for spyware / malware / adware..........

    ( One thing my dad always scold me as a techie is how many terms we use for one simple things......... i used to disagree with him. Now i finally understand what a Stupid world i am living in >< )

    P.S I want to thanks Pilli for spending so much time answering my long and stupid Post. And all others who have inputed so much.

    Another thing off topic.. I have ask this b4, why don't those Guest register? I have seen a lot of good input around the forum from Guest......... I think is Funny cause it is another thing i don't understand ;)
     
  21. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    You are welcome

    Ther are many reasons, I can mention a few :)
    Personal Privacy, Forgotten login, on someone elses computer, working away from home, vacation & finally paranoia :) etc. etc. I expect there are loads more.

    Cheers. Pilli
     
  22. I hope this helps.... I regard adware, keyloggers, and perhaps dialers as spyware because they're types of software that spy on you in some way shape or form. Whether JUST for the purpose of delivering ads or maybe some more fiendish purpose. RATs are a type of trojan and worms are probably on a category all their own as they are just out to destroy. SpywareGuard gives you a general protection against malware (spyware included) because it watches key points of your system such as your browser's settings and maybe the Windows Run keys I'm not sure. It wouldn't hurt to run SpywareGuard along with TeaTimer unless there is a compatibility issue I'm not aware of, that's not likely anyway. TeaTimer has some extra features that SpywareGuard doesn't. It kills known bad processes and I think I heard somewhere that it also scans your system while in the background.

    Actually you're thinking of Spyware Blaster in this case.
     
  23. Ronin

    Ronin Guest

    Of course "spyware" could be a trojan. Almost any of the other malware categories can be classed as a trojan if it depends on the user being tricked into running it.

    Then it's not a trojan in this case.

    I disagree about adware. Even with the loosest definition of "spyware", not all ad-ware can be considered spyware. The original meaning of adware just mean ad-sponsored software. This included programs that merely displayed a static Ad banner every time you closed or opened the software, it does not attempt to connect any external server.

    Also how about browser hijackers? Those are considerd adware, but they don't "spy" on you. Not any more then google does anyway :) But all this semantics.

    I suspect this protection is somewhat minimal. As anyway attempted to truss out what exactly it monitors? Seems to me it has being surpassed by tea-timer or any of the other registry monitors.

    The only reason I would use it, would be if the real time scanning engine is any good.

     
Loading...
Thread Status:
Not open for further replies.