Symantec Blogs: Security Response

Mimi Hoang | November 8th, 2006

Symantec is the most effective at detecting and removing spyware versus five other vendors. AV-Test (Andreas Marx), under the supervision of TUEV Saarland, conducted a test to determine how each vendor handled the spyware/adware anti-removal techniques.

This test was conducted in June 2006, with 50 security risk samples randomly chosen by AV-Test from the “top 10” lists of various antispyware vendors, including the vendors that were tested. Further information on the testing methodology and samples used can be downloaded from http://www.symantec.com/enterprise/security_response/toughsecurity/index.jsp (refer to the Appendix at the end of the technical brief) or found at www.tekit.de.

The results showed Symantec’s lead in the detection and removal of spyware, adware, and other security risk programs. We effectively...

Mimi Hoang | September 24th, 2006

Unlike traditional worms or viruses, spyware usually does not spread itself from system to system. One of the easiest ways to distribute spyware is to go directly to the users and gain their consent to download the application. One of the more common trends in accomplishing this is the use of “misleading applications.” On the extreme end, these are applications that grossly exaggerate or raise alerts about critical errors on users’ systems that are not actually present. This deceives some users and scares them into purchasing the program for a substantial fee to fix errors that are nonexistent.

Another method used to distribute spyware is to entice the user by offering something desirable or useful for free. The user gets the freebie tool, but also gets the bundled adware or spyware program downloaded with it.

On the flip side, there are ways of installing and downloading spyware without user consent, such as the...

Mimi Hoang | September 7th, 2006

Symantec uses the term “security risks” to refer to programs such as adware, spyware, and other potentially unwanted programs. Our hands-on analysis of these programs results in risk designations of high, medium, or low. These risk ratings are calculated across four different categories:
• Performance impact: The measure of the effect that a particular program has on a system’s stability and speed.
• Ease of removal: The measure of the difficulty of removing the program from a system.
• Privacy: The type of information that is being captured and whether or not it is personally identifiable.
• Stealth: The measure of the extent to which programs may install without the user noticing and/or try to remain hidden to evade detection and removal.

Unlike malicious code threats, which are automatically removed, a security risk program may be acceptable to one enterprise or home user and not acceptable to another. Classifying security risks helps guide...