How Does Anti-spyware Work?
Anti-spyware programs employ methods in controlling spyware. Real-time protection from automatic installation into computers is one. The other is by detection and removal of spyware software already installed in the computer.
Anti-spyware software that work on real -time method scan incoming data for potential spyware and block their entry and installation, exactly the way anti-virus programs deal with viruses.
Some programs do not use real-time prevention methods. They are used mainly to detect and remove spyware that have already infiltrated computers. Of the two types, this is the more popular because it is easier to use. Users can schedule regular scanning of contents of windows registry, operating systems, document files and installed programs. The anti-spyware program provides a list of threats classifying them into serious threats, moderate threats and those that do not affect the computer. Users have to choice which threat to eliminate.
The main focus of early generations of anti-spyware is detection and removal. The first program to utilize real-time method is the Spyware Blaster of Javacool Software. This program blocked installation of active X and other spyware software.
Developers study new releases of spyware, making ‘signatures’ or ‘definitions’ which allow them to detect and remove them. Thus, continuous updates are essential for the effectiveness of spyware programs. Some vendors provide free updates to all versions of their products – trial, free or professional. Presently, most even offer daily updates.
Many spyware which manage to get installed resist attempts of removal. Some of them work in pairs. When one of them is terminated, the other restores it. Other spyware resist attempts to uninstall them by detecting removal of registry keys and immediately restoring them. In such cases, rebooting the computer and running it on safe mode gives the anti-spyware program a better chance of eliminating the spyware.
A new breed of spyware is proving harder to detect and remove. They hide within system-critical processes and can operate even when the computer is on safe mode. Some do not leave any disk signatures which spyware programs can identify and start the process of removal. Anti-spyware programs also have to contend with increasing ability of newer spyware versions to develop specific countermeasures. Some even are powerful enough to prevent the installation and running of anti-spyware.
The battle between spyware and anti-spyware will continue unabated for as long as spyware technology is used in illegal acts such as identity theft, illegal gathering of personal information and rerouting them to third parties. It will be wise for users to be always on the alert for threats and know possible ways to control them.
