how spyware works

[Noxaer]

I searched the forum, and unless I misinterpreted a title, I did not see any thread that detailed how spyware and antispyware software work. Can anyone tell me? Or perhaps I'm just a moron, in whichc case I need someone to point me in the right direction...
Thanks.

 

[electronicsfreak]

spyware works in watching what you look up and research and then throws pop up adds pertaining to the matter to get your attention to try and visit there site and purchase something. Some spyware is so severe it almost forces you to purchase something in order to get rid of it unless you know the proper tools.

adware is programs that download and install spyware

malware is programs that can harm the computer

 

[MasterRacker]

This is how Ad-Aware (

http://www.lavasoft.de

) categorizes threats:

Data miner
The application is designed to collect information about the user and does so actively. This may or may not include transmission of the information to a remote server, but the server is owned by the company producing the detected application and more importantly, the information collected is disclosed to the user via privacy policy and/or licensing.

Malware
These are malicious software designed to do harm to a user's system or to other systems that is not specifically a VIRUS.

Monitoring Tool
This category includes remote access Trojans (RATs), Root Kits, etc.

Vulnerability
The application employs the use of system and/or security vulnerabilities to install on a system and to operate.

Misc
This category is for use with applications that do not fall within the other categories but are noteworthy for the user due to matching criteria listed in the TAC. The criteria however do not point in the direction of a specific detection category.

Dialer
The application is designed to change the user's DUN (Dial Up Networking) settings to dial numbers that the user does not know about, to connect to a number in stealth, and/or to avoid being detected by the user such as dialing expensive connections where the user has not authorized the connection.

Worm
This is a self-replicating virus, Trojan, and/or virus designed to propagate across many systems and/or networks. While Ad-Aware does include some well know virus, Trojan, and worm content, it is not an antivirus or antitrojan solution so it is important to make sure that you have a specific solution installed on your system and/or network.

MRU
This is a listing of the Most Recently Used lists stored in your registry. They are harmless and consist only of things such as the most recent document you opened. They are included in Ad-Aware due to requests from users and to highlight the fact that they are harmless where some antispyware applications will list them as being potentially harmful in an attempt to appear to detect more content than they actually do.

Spyware
These applications collect information, may or may not install in stealth, and are designed to transmit that information to 2nd, or 3rd parties covertly employing the user's connection without their consent and knowledge. The word defines the actual intent; this is software (ware) that is designed to collect information in secret (spy).

Adware
This is content that is designed to display advertising to the user that may not be expected or wanted. While some also categorize advertising applications that may include tracking features or capabilities as Adware, we place them within more descriptive categories such as Trackware or Data Miner to provide more information to the user. Most often included in freeware bundles or as additional (and/or required) content with shareware. Adware is generally innocuous and consumers may want to remove this content if they no longer wish to receive the advertising content. They may wish to keep them though if the programs are required for the use of a host application.

Trackware
This category is separate from Data Miners in that it is passive in nature. This category can and does include content such as tracking cookies and those that collect only anonymous information like GUID's and/or sites visited, etc and does not include personally identifiable information.

Exploit
The application employs the use of a software or system exploit to install and/or operate.

Keylogger
This category is for applications that are designed to record and/or transmit keystroke information.

Annoyware
This is a special type of Adware that causes an excessive number of popups/popunders, is designed to force advertising even when not connected to the internet, can cause noticeable system and/or bandwidth slowdowns, and in general is intrusive to the point of frustrating the system user.

Hijacker
These applications are designed to hijack the user's home page, HOSTS file, browser favorites, chosen search engine, and/or system settings.

Virus
A virus is a self replicating program designed to inject itself into other programs and causes harm to the system it is installed on. This can include damaging files, folders, directory structures, and even erasure of the complete hard drive. While Ad-Aware does include some well known virus content, it is not an antivirus solution. It is important to make sure that you have an antivirus specific solution installed on your system and/or network.

<sub>Jeff
[purple]It's never too early to begin preparing for [/purple]International Talk Like a Pirate Day

"The software I buy sucks, The software I write sucks. It's time to give up and have a beer..." - Me</sub>

 

[Noxaer]

Okay, but does anyone know how anti-spyware software works?
How do they find, identify, or remove the malicious programs?

 

[sggaunt]

In the same way that antivirus software works.
The most basic method is to have a database that contains bits of the code present in the spyware. (known as a signature) all computer programs consist of is numbers. the antispyware compares its signatures with the code in the files & memory on your computer.
Virus & spyware writers, bring out new versions of thier trash so we need updated definitions to keep up.


[red]GNBM 4th Feb[/red] More on and other neat UK stuff at forum1091
Steve: Delphi a feersum engin indeed.