Spyware Detection
Spyware-detection: A brief history from one who was there.
© 2006 Software Security Solutions
Spyware Detection History:
Research into the use of Spyware programs shows that they go back as far as the mid-1990s. It wasn't until 2001 that anyone seriously questioned the intent of these programs or formulated a Spyware detection methodology. Initially these “legitimate” programs were marketed as a convenience for the user, which in some cases was true.
It was the spring of 2002 when Software Security Solutions, in partnership with PestPatrol, first started giving presentations about threats from Spyware and about Spyware detection and removal. These presentations covered adware, RATs (both kinds), Trojans, DDoS agents and key loggers as potential threats. These Non-Viral Malicious Code presentations initially received a cool reception, partly because they came so soon after the September 11 attacks and partly because people just didn't, or couldn't, believe there were more computer threats than viruses. It was unimaginable that a firewall and antivirus were not enough. We essentially had to create the Spyware industry, which was an arduous task.
Although the most dangerous threats of this kind were and are RATs, Trojans and key loggers, Spyware eventually caught on because of its name, not because it was the most malicious of the threats. It took until the fall of 2003 for the threat to be widely acknowledged. Mass-market acceptance was largely due to the big AV companies finally admitting that a problem existed and needed attention.
Early Spyware detection and removal:
In the early days, Spyware detection was based on finding web sites and programs that installed software that was stealthy, unapproved and often bundled. Programs were observed as they were installed and run. If a program made any calls to the Internet without the user's knowledge or approval, it was labeled suspicious and warranted further investigation. Part of the Spyware detection methodology was identifying the main executable, the associated DLL files, the uninstaller (if present) and the program's collateral files. Once those were known, the removal process could begin.
The removal process varied depending on the quality of the malicious program. If an uninstaller was available, it was simply executed. Spyware programmers quickly caught on, and some added an “authentication” factor to removal that had to be hacked around. If an uninstaller was not available, a list of files and registry entries was created and then deleted, so the program was “ripped out by the roots”. Removing things from the registry by brute force was a tricky business and fraught with peril. Many a good machine perished in the creation of the Spyware industry.
The stakes increase:
Eventually, some programmers of malicious code started hijacking the LSP (Layered Service Provider) chain in Winsock, which is what the computer uses to communicate with the Internet. This hijacking allowed various activities to happen without the user's knowledge or approval. Everything was fine until Spyware detection found the malicious program and removed it, breaking the machine's Internet connection. We took the blame for breaking many machines when removing malicious programs. The fix was, and still is, to send a repair tool to the user, usually via a friend or coworker, to fix the TCP/IP stack. Many Spyware detection tools still struggle with these types of malicious programs.
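The failure mode above, a Winsock catalog that still points at a provider DLL after the spyware was removed, can be checked for before anything is deleted. This is an added example, not code from the original article or from Software Security Solutions: it parses text in the shape that `netsh winsock show catalog` prints, the dump is constructed and only approximates that format, and the allow-list of stock DLLs is an assumption.

```python
"""Audit a Winsock catalog dump for non-stock or dangling LSP entries.
Added example, not from the original article. It parses text in the shape
that `netsh winsock show catalog` prints; the dump below is constructed and
only approximates that format, and the allow-list is an assumption."""
import re

# Assumed allow-list of stock Windows provider DLLs (adjust per OS version).
KNOWN_PROVIDER_DLLS = {"mswsock.dll", "winrnr.dll", "nlaapi.dll",
                       "napinsp.dll", "pnrpnsp.dll", "wshbth.dll"}

# Constructed dump: one stock entry plus a layered provider whose DLL a removal
# tool has already deleted, which is what leaves a machine without networking.
SAMPLE_CATALOG = """\
Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [TCP/IP]
Provider Path:                      %SystemRoot%\\system32\\mswsock.dll
Catalog Entry ID:                   1001

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Layered Service Provider
Description:                        Search Helper over [MSAFD Tcpip [TCP/IP]]
Provider Path:                      C:\\Program Files\\SearchHelper\\shlsp.dll
Catalog Entry ID:                   1002
"""

# Constructed stand-in for os.path.exists(): only the stock DLL is still on disk.
FILES_PRESENT = {r"%SystemRoot%\system32\mswsock.dll"}

def parse_catalog(text):
    """Split the dump into entries, each a dict of 'Field: value' pairs."""
    entries = []
    for block in re.split(r"Winsock Catalog Provider Entry\s*\n-+\n", text):
        fields = dict(re.findall(r"^([^:\n]+):\s+(.*?)\s*$", block, re.M))
        if "Provider Path" in fields:
            entries.append(fields)
    return entries

def audit_catalog(text, files_present=FILES_PRESENT):
    """Return (catalog entry id, reason) for every entry that needs a look:
    a provider DLL outside the allow-list, or a path that no longer exists."""
    findings = []
    for e in parse_catalog(text):
        path = e["Provider Path"]
        if path.rsplit("\\", 1)[-1].lower() not in KNOWN_PROVIDER_DLLS:
            findings.append((e["Catalog Entry ID"], "non-stock provider " + path))
        if path not in files_present:
            findings.append((e["Catalog Entry ID"], "dangling provider path " + path))
    return findings
```

On a live machine, feed the real `netsh winsock show catalog` output to audit_catalog and substitute os.path.exists for the set; a dangling entry is what leaves the machine without networking, and `netsh winsock reset` rebuilds the catalog as one repair option.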
To evade removal, another technique used by the malicious programmers was to incorporate a hidden re-installer, or sister installer, whose only job was to check every X minutes whether the Spyware's executable or service was running and, if not, restart or re-launch it. This was troublesome because the hidden installer usually had a totally different and unrelated name, making it harder to detect and remove.
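Because the re-launcher's name is unrelated to the program it guards, the useful signal is its behaviour rather than its name: the same parent starting the same child at a near-constant interval. The following is an added illustration, not code from the original article; the process-creation events are constructed (Sysmon-style fields, times in seconds), and the paths and thresholds are assumptions.

```python
"""Spot a hidden re-launcher from process-creation events.
Added example, not from the original article. The events are constructed
(Sysmon-style fields, timestamps in seconds) and the thresholds are assumptions."""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed log: a watchdog with an unrelated name restarts the spyware
# executable every ~300 s, mixed in with ordinary one-off process starts.
EVENTS = [
    # (time_s, parent_image, child_image)
    (0,   r"C:\Windows\explorer.exe",      r"C:\Program Files\Notepad\notepad.exe"),
    (12,  r"C:\Users\Public\wxyz_svc.exe", r"C:\Program Files\SearchHelper\shlpr.exe"),
    (60,  r"C:\Windows\explorer.exe",      r"C:\Program Files\Office\winword.exe"),
    (311, r"C:\Users\Public\wxyz_svc.exe", r"C:\Program Files\SearchHelper\shlpr.exe"),
    (612, r"C:\Users\Public\wxyz_svc.exe", r"C:\Program Files\SearchHelper\shlpr.exe"),
    (905, r"C:\Users\Public\wxyz_svc.exe", r"C:\Program Files\SearchHelper\shlpr.exe"),
    (950, r"C:\Windows\explorer.exe",      r"C:\Program Files\Notepad\notepad.exe"),
]

def find_relaunchers(events, min_starts=3, max_jitter=0.2):
    """Return (parent, child, period_s) for parent/child pairs whose starts recur
    at a near-constant interval: the signature of a 'check every X minutes' loop.
    max_jitter is the allowed stddev/mean ratio of the gaps between starts."""
    starts = defaultdict(list)
    for t, parent, child in events:
        starts[(parent, child)].append(t)
    hits = []
    for (parent, child), times in starts.items():
        if len(times) < min_starts:
            continue            # one-off or rare starts are not a watchdog loop
        times = sorted(times)
        gaps = [b - a for a, b in zip(times, times[1:])]
        period = mean(gaps)
        if period > 0 and pstdev(gaps) / period <= max_jitter:
            hits.append((parent, child, round(period)))
    return hits

if __name__ == "__main__":
    for parent, child, period in find_relaunchers(EVENTS):
        print(f"{parent} re-launches {child} about every {period}s")
```

Both the parent and the child then belong on the removal list, with the parent stopped first, which is the order the article's hidden-installer problem demands.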
High Tech War on Spyware (an Industry grows up):
In just a few years the industry as a whole, both Spyware creation and Spyware detection, has exploded in growth, and Spyware has stolen the top spot among malicious threats from viruses and worms. Threats now change the signatures of their executables, making Spyware detection and removal even more difficult. The answer now is to reverse engineer the program, which requires finding the pattern or key needed to stop and remove the malicious Spyware. The legal implications that will soon follow from this are going to change the game yet again.
Here we are, once again, for the very first time:
The game of cat and mouse invented in the “Viral Age” is now a virtual high-tech war. Put simply, it is a battle of programmers, and this is where the battle needs to be won. A call for ethics in programming is coming and can't get here soon enough.
It takes an enormous staff and resources to keep up with the Spyware threats, and smaller companies just cannot keep up. There are hundreds of Anti-Spyware programs out there, but only the companies with the talent, experience and resources will be able to keep up.
We recommend Spysweeper as the industry leader at this time in Spyware detection and removal. Spysweeper is available on our website at the following link.
Spysweeper Spyware Detection and Removal