Scanning and removing spyware, 6 must check places
The original — and still the most popular — means for identifying and removing spyware is to run a spyware-scanning program that will search a workstation or server for spyware, list the spyware found, and remove it if the user so desires. But software that blocks spyware before it can be loaded is becoming more popular. A thorough spyware scanning and removal program must check for spyware in many places, including
- Cookies: Although cookie-based spyware is the most benign of spyware, many people are concerned about the Web-tracking capability that such spyware facilitates.
- Browser Helper Objects (BHOs): Executable code that Internet Explorer loads into memory and has complete access to everything the browser does and displays. BHOs are used by spyware to track what you are doing and where you are going.
- Registry entries: Spyware often creates distinctive Registry entries that facilitate and configure its execution. Registry entries also control a browser’s home page and default search page, among many other settings that spyware often utilizes.
- Standalone programs: Computer programs that operate entirely on their own. In the Windows world, a standalone computer program has all of the access privileges of the user who runs it. This applies not only on the computer it’s running on, but to any network resource (such as files on a file server) that the user is able to access.
*Spyware for Dummies, Peter Gregory 2005