|
But 'adware' is not all antispyware protects you from. No, spyware has a wide variety of malicious behaviors.
Keyloggers Keyloggers keep a record of everything you type. Many of them keep a record of everywhere you click your mouse, and even take screen shots. Some of these are installed by worms, some are installed by spyware, and some are installed on purpose by other users of the computer. Regardless of how they got there, many antispyware programs detect any keylogger that is installed on the system, because they look at where keyloggers have to be installed and see if there's anything there. Tracking Cookies Cookies got somewhat of a bad reputation at some point, but most of them are completely harmless. Cookies are just when a web site hands you tiny bits of data, and you hand them back with every request. So, for example, you can stay logged in. The danger is not that a single site will do something, they already know everything you did at their site, so handing you a cookie and getting it back isn't very useful to them. As long as a cookie stay within a single website, there's nothing bad happening there. And all cookies have a website listed in them, and will only be handed back to the original website. This was a privacy decision, a very good one. The problem is that you can still have cross-website cookies. These work by having an single server somewhere, and putting a reference to it on other websites. In practice, this is done via ad images. They then know a bunch of websites the same person went to. If you have personal information at any of those websites, they have it. Yes, you can turn off all cookies, and some people recommend that. But you'll lose the ability to login and/or store preferences in many sites. Antispyware usually either deletes all known tracking cookies, and/or lets you marks certain cookies you like and deletes all others. Either way works fine, although the former requires less work. Phone Home A lot of commercial software, especially games, coming with parts of it that will make regular checkups to the manufacturer. Originally designed for updates, this has expanded into piracy checks and just plain privacy-invading information. (Why do they want to know how often you run the program?) A lot of this can, and should, be blocked with a firewall, but antispyware programs can help cripple this behavior too, especially ones that rely on third-party software. Rootkits A 'rookit' is a term for software that hides. Usually it does this by hiding itself from the registery, process and file list. Don't confuse that with files marked 'hidden'. All programs can see those, they just don't tell the user. Rootkits attempt to hide from other programs, so that Windows will launch them, but once running no one will be able to access or see or remove them. Of course, hiding yourself just to hide yourself is pointless, so rootkits come with other software, which they also hide, that actually does something. Or, more accurately, that software comes with a rootkit. Many antispyware programs can detect that sort of hiding in general, at least in important places. Rootkits have to, at minimum, hide something somewhere to ensure they will actually get started with Windows, so scanners just have to do is look there. Once that is disabled, and windows rebooted, whatever else they're hiding will be visible. Rootkit detection is sometimes also included in antivirus software. However, as there are so many different things rookits have to remember to do, extras detection attempts by different manufacturers increases the odds something they forgot to do will trip a scan, and doesn't do any harm. |
Spyware