Solved

how do anti Spyware software detect spywares ?

Posted on 2004-10-18
4
190 Views
Last Modified: 2013-12-04
Hi all,

can any one tell me how exactly Spywares (adware mal ware etc) are detected and removed by anti spyware softwares like Webroot etc?

I know its using a spyware database and compares with the database to findout . But ithink its different from normal virus detectionmethods, because each and every spware is moreorless unique.....

 i searched for materials... nothing fruitfull i got neither the product site is not giving the technology


wating for ur replies.....


Netmanu
0
Comment
Question by:netmanu
  • 2
4 Comments
 
LVL 12

Expert Comment

by:rossfingal
ID: 12338251
Hi!

Don't know if this is exactly what your looking for, but you may find this interesting:
http://www.intranetjournal.com/spyware/index.html

RF
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 12340316
rossfingal's link appears quite good - though I only very briefly skimmed it.  I'm not sure it will answer the question you asked.

My answer is that spyware/adware removal programs work essentially the same as antivirus software.  They issue periodic "definitions" (demonstrated by my favorite, spybot S&D), and these definitions essentially tell the software what characteristics to look for.  Registry settings (in one of the 30 or more places software can start from), files, etc.  It then goes and deletes the offending items - once you tell it to.
0
 

Author Comment

by:netmanu
ID: 12345240
ofcourse the viruses and spywares are similar...... and teh solutoins for them works based on a common architecture of comparing teh specimen with a database regualrly updated from vendor's site................ But  viruses(worms)  spread automatically without user permission and hence the Antivirus vendors will get an infected file as soon as there is an outbreak and the vendor release a signature. In the case of Spy ware , as i understand the situation is entirely different... they dont spread automatically.... they get installed in ur pc either along with some other jenuine software or when u click on some advertisement links while browsing....so how does the anti spyware companies get each new spyware specimens for making a signature? how effective is their system for collecting these signatures?
0
 
LVL 12

Accepted Solution

by:
rossfingal earned 50 total points
ID: 12345803
Hi!
How do anti-spyware/malware companies get specimens to add to ref files? -
submissions.
Here's a couple:

http://virusscan.jotti.dhs.org/  (file submission)

Lavasoft Submission Site: http://www.lavahelp.com/submit/

RF
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
OfficeMate Freezes on login or does not load after login credentials are input.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now