BHOs: Browser Helper Objects, as described above, are plug-ins for IE that can be installed through a Web page. Some are benign and even useful (i.e., Microsoft's own Research BHO), but any unknown BHOs should be disabled. In IE, select Tools | Internet Options | Programs | Manage Add-Ons to see the list of browser plug-ins, or Browser Helper Objects (BHOs) present in IE.
Startup: Unwanted programs often load themselves at startup. Spybot - Search & Destroy lets you browse the startup list and prune out anything that looks like it doesn't belong there. However, be careful what you turn off: Some of those programs may be legitimate.
Changes to the HOSTS file: The HOSTS file, a plaintext file with no extension found in windowssystem32driversetc., contains a list of pre-resolved network addresses. Usually this only contains an entry for localhost, and unless it's been set as read only, many spyware programs love to load it up with misleading entries. For instance, a spyware program may redirect Microsoft.com to its own servers. Set HOSTS to read only whenever possible (this is something Spybot - Search & Destroy allows).
How to remove spyware
Step 1: Get familiar with spyware now if not already
Step 2: Know where spyware comes from
Step 3: Recognize how spyware acts
Step 4: Understand what damage spyware can cause
Step 5: Choose tools to clean up spyware
Step 6: Use these advanced techniques to clean up spyware
Step 7: Install service packs to prevent spyware infections
Step 8: Take additional initiatives to prevent spyware infections
Step 9: Plan ahead for new spyware tactics
|ABOUT THE AUTHOR:|
Serdar Yegulalp is the editor of the Windows 2000 Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well!
Copyright 2005 TechTarget
This was first published in June 2005