Dale Walsh wrote:
> What your asking for sounds simple however, how do you establish
> detection??
Can't you use the existing signature scanning technology in ClamAV to
identify known spyware vendors? Spyware vendors distribute either
embedded libraries or have specific DLLs or EXEs - something is probably
similar for each vendor to draw signatures from their toolkits. In
fact, Lavasoft Adaware switched, a couple versions ago, to a signature
database...very similar to how AV products work.
I'm not asking to be able to determine if a custom spyware solution is
spyware. Just cover the major spyware vendors with signatures and that
will catch about 80 to 90 percent of the most popular spyware enabled
applications out there, which is "good enough" for my purposes.
--
Thomas Hruska
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
(text/plain)