Spyware Resource Site

Spyware Articles

Spyware Your Web Browser is the Culprit!



My first experience with a spyware BHO based infection was several months ago. I had gone through all of the usual steps with the clients machine to clean it. Ad-Aware was run, Spybot: Search and Destroy was as well. Nothing looked suspicious in the systems startup. All appeared well, but it wasnt.

After extensive testing and no further symptoms I returned the computer to my clients home. I hooked it back up, and dialed the internet. Everything so far was progressing smoothly. But, as SOON as I loaded Internet Explorer: BAM the same pop-up advertisements and other annoying things started happening again. With much embarrassment I had to take the computer back to my office and try again.

It was all Internet Explorers fault. Microsoft Internet Explorer comes with a feature that is designed to add third-party functionality to their browser. Its actually a very good idea. Unfortunately, it now gets taken advantage of.

The producers of spyware know that many people now have spyware removers installed on their computers. They also know that quite a few people have the ability to check what is in their start-up. Because of this, BHOs are crafted so that the spyware lies dormant until Internet Explorer is opened. Then it can start its dirty work.

The best program to remove an errant Browser Help Object is HijackThis. This program was originally designed to remove homepage hijackers and gradually morphed into an all-around removal tool for everything. If theres any one tool that I couldnt part with its HJT.

To start, download HijackThis 1991. Once youve got it, open it. Click the button that says Do a system scan only. Following that, scroll down to the items labeled 02 BHO. Remove anything here that looks suspicious. Internet Explorer does not require any BHOs to run. Just keep an eye on the path that it loads from, and the name of the file. A legitimate one will be fairly easy to spot, as itll have a legit title and OK looking path.

If the filename looks like it was randomly made, like ASGSRT32.DLL or whatnot then theres a good 90% chance that its bad. Even if you do remove one thats good, you can always use the restore feature of HJT to bring it back.

If you need any other HijackThis help then read the previous link.

Kevin Souter is a full time computer repair technician. He also operates a free spyware removal site, as well as a general computer repair site.


Related Links:


What You Must Know About Spyware Right Now

I Spy...Something Terribly Wrong (In Your Computer)

Regain Internet Privacy from Spyware


     Privacy Policy | Copyright | No-Spam Policy | Terms Of Use | Earnings Disclaimer | Contact Us