Scanning and removing spyware, 6 must check places

The original — and still the most popular — means for identifying and removing spyware is to run a spyware-scanning program that will search a workstation or server for spyware, list the spyware found, and remove it if the user so desires. But software that blocks spyware before it can be loaded is becoming more popular. A thorough spyware scanning and removal program must check for spyware in many places, including

1. Cookies: Although cookie-based spyware is the most benign of spyware, many people are concerned about the Web-tracking capability that such spyware facilitates.
2. ActiveX controls: As I mention earlier in this chapter, ActiveX is Microsoft’s proprietary technology whereby scripts (short computer programs) can be dynamically loaded from a Web site and executed on the user’s computer. ActiveX is a “client-side” scripting language similar to JavaScript.
3. Java and JavaScript: Java is a structured computer language introduced in the 1990s; JavaScript, a scripting language similar to Java, is often used as a “client side” scripting language used to execute instructions via a user’s Web browser.
4. Browser Helper Objects (BHOs): Executable code that Internet Explorer loads into memory and has complete access to everything the browser does and displays. BHOs are used by spyware to track what you are doing and where you are going.
5. Registry entries: Spyware often creates distinctive Registry entries that facilitate and configure its execution. Registry entries also control a browser’s home page and default search page, among many other settings that spyware often utilizes.
6. Standalone programs: Computer programs that operate entirely on their own. In the Windows world, a standalone computer program has all of the access privileges of the user who runs it. This applies not only on the computer it’s running on, but to any network resource (such as files on a file server) that the user is able to access.

*Spyware for Dummies, Peter Gregory 2005