From clamav-win32-bounces@lists.clamav.net Mon Sep 12 18:11:54 2005 Return-Path: X-Original-To: list@krisma.oltrelinux.com Delivered-To: list@krisma.oltrelinux.com Received: from [127.0.0.1] (krisma [127.0.0.1]) by mail.oltrelinux.com (Postfix) with ESMTP id 0CD3D11B1D9; Mon, 12 Sep 2005 18:11:52 +0200 (CEST) X-Original-To: clamav-win32@krisma.oltrelinux.com Delivered-To: clamav-win32@krisma.oltrelinux.com Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.202]) by mail.oltrelinux.com (Postfix) with ESMTP id 63C4311AE8E for ; Mon, 12 Sep 2005 18:11:47 +0200 (CEST) Received: by zproxy.gmail.com with SMTP id 4so247849nzn for ; Mon, 12 Sep 2005 09:11:43 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=jTsm8dYyWplx0u6d08NA5E4HmoSUD6dVOVDnHvN8mssQEXXQyEP5wCN+bnZHVtBTvmvqkwfX+pslQpjthUhARgiWcWwNaLEbDUuAGMoncQ+xDAjz5lpWNTsIZzgegqwJUdLrw/ofop+/i8p4xtzGrgLfrGgJVz6MUy8f0FXCgio= Received: by 10.37.2.73 with SMTP id e73mr13998nzi; Mon, 12 Sep 2005 09:09:37 -0700 (PDT) Received: by 10.36.72.19 with HTTP; Mon, 12 Sep 2005 09:09:34 -0700 (PDT) Message-ID: <80d7e4090509120909794aaa9@mail.gmail.com> Date: Mon, 12 Sep 2005 10:09:34 -0600 From: "Stephen J. Smoogen" To: clamav-win32@lists.clamav.net Subject: Re: [clamav-win32] Spyware detection... In-Reply-To: <43247D98.3000005@cubiclesoft.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <43247D98.3000005@cubiclesoft.com> X-BeenThere: clamav-win32@lists.clamav.net X-Mailman-Version: 2.1.5 Precedence: list Reply-To: clamav-win32@lists.clamav.net List-Id: clamav-win32.lists.clamav.net List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: clamav-win32-bounces@lists.clamav.net Errors-To: clamav-win32-bounces@lists.clamav.net X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at krisma.oltrelinux.com X-Spam-Status: No, hits=0.2 tagged_above=-999.0 required=6.0 tests=AWL, BAYES_50, RCVD_BY_IP X-Spam-Level: Status: O Content-Length: 1216 Lines: 28 On 9/11/05, Thomas Hruska wrote: > Ever since spyware came into existence, I have always been a firm > believer that it ranked right up there with the worst viruses. Just > about all client-side binary spyware (that is, not the "browser cookie" > type) exhibit behavioral patterns that are identical to viruses and/or > trojans and are created by the same type of scum who create viruses and > subsequently release them into the wild. >=20 > My question is: Does ClamAV detect spyware? I don't care if it can > remove spyware as long as it can be detected. If spyware can't be > detected, what will it take to get ClamAV to just detect the existence > of the major spyware vendors on a given system? >=20 > If ClamAV has no plans to support spyware detection, I would appreciate > a pointer to a _reputable_ spyware detection application with a good set > of __command-line options__. >=20 I am looking at this similarly. It should be a matter of collecting a batch of spyware and building signatures from that. --=20 Stephen J Smoogen. CSIRT/Linux System Administrator _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32