Spyware -opinion on post wanted.

Discussion in 'other security issues & news' started by Peaches4U, Jul 10, 2004.

Thread Status:
Not open for further replies.
  1. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    On another forum advice is being given in that this gentleman claims that spyware is more of a niisance than dangerous claiming they are nothing more than cookies and not related to keyloggers, data miners. I am posting these comments here and would like to have opinions on it especially from the experts. Thank you.

    DrComputer
    Regular Member


    Joined: 22 Apr 2004
    Posts: 99
    Location: Naples, Florida, USA

    New postPosted: Fri Jul 09, 2004 11:57 am Post subject: Reply with quote
    BigCookie, I agree that spyware can be a real pain and with enough of it building up can drastically slow down a computer. But spyware is not keyloggers or e-mail data-miners... these are viruses and a good current anti-virus program should find and remove these types. 90% of spyware is passive "cookie" files used to track your rovings to various websites so that patterns can be established about your presumed habits and interests. With this information collected, advertising companies can tailor pop-up ads that fit those interest with the idea that you are more likely to buy something that matches your interests than you would from a random ad. There are a few active spyware apps that run in the background and "pull in" pop-up ads to your computer with the same theory in mind. Both of these types are not harmful in themselves, but they are intrusive and run without your direct knowledge, and enough of them can slow you down. Almost anything else is not spyware, but viruses. I used the term "direct knowledge" because most of the spyware comes bundled with other programs you install and inadvertantly agree to allow them to run. If you read the fine print agreements, you'll see what I mean.

    By all means, use a spyware checker to keep your system running better. Almost all programs write themselves into the registry. The registry is the central database for all hardware, software and settings for your Windows computer, so if a program is installed it will most likely have entries in the registry. That in itself is not harmful.

    Be proactive about keeping your computer protected.

    Know what you are agreeing to when you install new software.

    Keep your important stuff backed up.


    DrComputer
     
  2. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
    Hey Peaches!

    I don't know if I would agree with the word "most", but it's my understanding that a lot of spyware is more of a marketing tool (ie. Track your surfing habits) than something malicious (ie. out to steal your identity). But I don't have my name listed in the phone book because I value my privacy. That's why I run leading-edge anti-spyware apps, in addition to the best anti-malware apps in general. :)
     
  3. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Did a bit of Google searching and not so sure it is a "marketing tool" as you think it may be- not quite as innocent as we would like to think otherwise there would be no need of anti-spyware programs -:

    Source of info: http://www.cyberwalker.net/columns/feb04/remove-spyware.html
    Spyware is usually an illicit program placed on your computer without your knowledge. This program comes in various forms. It can collect data about you or your computer habits and send it to someone else on the Internet.

    There also a category of spyware called a “Trojan horse”. This is a program secretly installed on your computer and later used to access your computer across the Internet without your knowledge. It can be accessed by pranksters, spammers or even data thieves.

    Spyware programs can also collect data about your habits, collect your files or capture your keystrokes (that variation is called a “keylogger”). This data can be harvested and sent to someone on the Internet.

    Spyware can also lie dormant until you are active on your computer and then forces ads at you (that's what's happening to you).

    Less ethical marketing companies create programs to hijack your web browser and convert its homepage from one you choose to one run by the marketer. These nasty programs also prevent you from changing the homepage back using programming trickery.

    Besides the obvious problems with privacy and security, spyware also hogs precious system resources like memory and hard disk space, slowing your computer’s processing ability, and in some cases boot up time. If used to commandeer your email and Internet connection, spyware can be used to send spam from your computer or launching malicious attacks on other computers on the Internet, making it look like you are at fault.

    So how did it get there? Well, spyware gets on your computer through a variety of mechanisms. It can download as part of a free program. It can also arrive secretly via an automatic download behind the main window of a web site. This is common on questionable web sites like those that contain pirated software or adult content.

    Spyware will also piggyback on free downloaded programs. Sometimes authors of software make revenue by including them in their downloader packages. They can also be contracted via instant messenger (Internet chat), if someone sends you a program or via email as an attachment. Chances are you have some form of spyware on your computer right now, especially if the computer you use is a communal family PC that children use to play games on.

    >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

    http://pcworld.co.nz/pcworld/tipworld.nsf/0/AD6862D13F470E2BCC256EBE000AC9E1?opendocument

    Fight back against spyware

    You probably know by now that using a computer can be hazardous to your privacy, especially if you use your system online. But your privacy can be compromised even if you never link to a network. Sure, websites track your browsing habits with ads, cookies and web bugs, and they sell your personal information to marketers. Also, spyware and adware install on your PC by piggy-backing onto file-sharing utilities and other free software downloads.


    While testing various antispyware utilities for a PC World feature last September, I discovered that two otherwise top-notch spy catchers,Lavasoft’s Ad-aware and PepiMK Software’s Spybot Search & Destroy, weren’t particularly good at finding the keyloggers that I had running in stealth mode on my test PC. Two other programs — PestPatrol’s PestPatrol and Webroot’s Spy Sweeper — were better, but still hit-or-miss. No productfound all the key*loggers I had installed, and even when they did find one, seldom could they completely disable or remove it.

    While most of those programs — both the keyloggers and the antispyware utilities — have been updated since my tests, one thing is undoubtedly still true: the more anti-spy tools you employ, the better your chances of detecting a stealth keylogger. Everyone who connects to the internet should install and use both Ad-aware and Spybot as a matter of course. To do a more thorough scan, add PestPatrol and Spy Sweeper to your counter-espionage arsenal. Both programs are available in trial versions (see “Keyloggers begone” below for download details).
     
  4. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    There's a pretty good article at ComputerWorld that I think says a lot:
    http://www.computerworld.com/securitytopics/security/story/0,10801,92784,00.html

    I recently helped a friend clean his computer of the entire spectrum of benign to malicious spyware that all came in through simply browsing the web. As the article mentions, the actual spyware may be in and of itself harmless, but it's still a definite vehicle for more harmful malware. Sure, a screen popping up isn't going to steal your information, but what about the site within that pop-up? My guess is that CWS was a major culprit in my friend's case, too. Sure, "stay away from porn sites", but what happens when you get a hijacker that doesn't give you a choice? Harmless?

    Sometimes it seems like it's pretty easy for some of the more "expert" users to give advice saying to "just be careful and pay attention to what you're doing", but not everyone knows what to watch out for; everyone starts somewhere. In my friend's case, this was his first computer that he got all of a couple months ago. At least he TRIED to get a scanner. Not to mention the fact that these things are specifically made to slip in under the radar.

    I think it's also worth noting that things in the world of malware aren't the way they were a couple years ago. I've still got friends (that should really know better) saying that they really aren't at risk because they don't open email attachments unless they know for certain that they're ok, and don't think about spyware at all because they don't download software or click 'yes' to gator. :rolleyes: They are under the impression that a freeware antivirus and a hardware router are more than enough to keep everything at bay, and nothing will convince them otherwise until they have their information stolen. My guess is that the person that wrote that post is of the same mindset. If I were to reply to that post, I would probably mention CWS as a prime example with a few links for further reading.
     
  5. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
    Peaches - Agreed. When your talking AdWare, that is the categorey of Spyware I was referring to. And there is a lot of that around, and I understand that is primarily used for marketing puurposes (display certain ads, popups, etc). Now when your talking Trojans, THAT is definately bad stuff.
     
  6. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    WHOAAAAA...... That gent just needs to slip into virtually any forum in the net and take a gander at all the HJT logs.

    Not keyloggers, etc. etc... man... Try telling that to some of the AV Vendors THAT... they disregard most of it. [Probably rightly so, but if that blanket statement says those are not spyware, but viruses/trojans, etc. than where does that leave the infected user]

    IF only it were that simple, hell, I don't give a rats arse about "cookies/data miners" etc. Those are waaay to easy to control... but.. how about he gets a dose of CWS infection sometime and see if that opinion will remain the same. "Just a nuisance"... phew!!!!...

    Peaches, I would strongly advise you tell him to pop into this forum and start reading some of the HJT threads in here and tell THEM that it's JUST A NUISANCE....

    Sorry if I sounded off a bit, but such a blanket statement like that certainly infers he does NOT understand the ramifications of such infections. Hell, even the guys/gals who are dedicated fighters in here, are finding it difficult to get rid of some "strains of a simple virus" LOL.

    and this:

    How about those simple "drive-by shootings" of CWS infections, nothing dl'd at ALL by the end user, just a simply visit to website, couple clicks, etc. and wham, infection more serious than a bloody dose of cholera [well that's a bit strong LOL, but you get what I mean].

    hmmm.... I've prattled on enough..

    Cheers, TAS
     
    Last edited: Jul 11, 2004
  7. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    [

    It is about to get that bad unfortunatly. :mad:
     
  8. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,878
    Location:
    New England
    My impression is that his post (meaning the person quoted from the other forum) would have been much more true if things were like they were back a year ago or so. Most spyware back then was stuff that installed (came bundled) with other software. Ad-aware and/or Spybot removed most of it automagically. It seems, as TAS is pointing out, that he is just simply behind the times and needs to look at today's spyware.

    As the expression goes, this is not your father's spyware anymore!
     
  9. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    PRE-CISE-LY!!!

    Good point LWM... geeze even just 6 months back it was almost a delight to go "grab a baddie" and watch Ad-Aware/SSD/whatever take care of it for fun. NOT anymore...

    TAS
     
  10. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Thank you all for the most valuable opinions. The points you have made is exactly what I was trying to explain on that forum. I felt that the post this gentleman made was misinforming newbies to computers. Thank you for giving me the backup I needed to backup my post which disageed with the original advice given. I basically learned everything about computer security right here at Wilders and have been running pretty much a trouble free computer for approx. a couple of years and using IE as well. I am now running Mozilla Firefox as an alternative browser. Anyway, even if I do not post here as often as I used to, I still visit pretty much daily to see what is happening. I wouldn't have it otherwise. :D I shall give the link to these forums as suggested, and hopefully those seeking advice will also visit and learn, perhaps join. ;)
     
  11. Ronin

    Ronin Guest

    Indeed. You see the same "Experts" claiming that they can keep their IE clean by just using ad-aware and spybot +AV,

    These days increasingly, spyware are using unpatched exploits to install and merely running ad-aware and spybot is not sufficient.
     
Loading...
Thread Status:
Not open for further replies.