The PC HelpSite
Office Tutorials & Software Solutions
Specializing in Advanced Spreadsheet & Office Macro Solutions.
Detecting and Removing Browser Hijackers

Application Microsoft® Internet Explorer® Version 2.00
Author OfficeHelp
Tested on versions: 6.0

Browser Hijackers are  small applications that auto-install from WebPages using bugs in Internet Explorer (from now on referred as IE). They can redirect your browser home and search pages, or worst, send to their makers all keystrokes you make (including your passwords and credit card  details). They are usually referred to as belonging to the categories of Spyware or Mallware. They shouldn't be confused with Virus, as they don't replicate themselves, but they put your privacy and system to risk, sometimes downloading additional software. And they may allow other persons to control your PC and use it to relay SPAM and attack commercial websites (yes, your PC may be doing it right now!)

Most IE users will know when they have been infected, as some of the most common changes are visible: redirected home and search pages, an undesirable and not requested browser toolbar and the frustration of not being able to uninstall them. It is also common for advertisement pop-ups to show when the computer is connected to the internet, specially from undesirable and often embarrassing sources. But some are silent, like keyloggers that will send to their authors all your keystrokes (and related website details). 

More information on how to remove spyware on this address: 

So where do they come from? 

Some are downloaded and installed by the computer users believing they are something else, and some are bundled with "free" software. Kazaa is a well know example, where the free version will install a spyware (Gator) to push adds into your computer, even when you're not using the software. But most will silently install themselves using non-patched versions of Windows and IE, when some websites are visited. While many of this websites have "inappropriate" content, many have regular and even children contents, like cartoons. So your PC may become infected even if you did nothing "wrong" or "inappropriate". More explanations can be found on Microsoft website and on this useful page.

What can you do to prevent their installation?

Microsoft, as the maker of IE, is aware of this situation and has extensive information on its website, and provides patches to close the loopholes used to silently infect PCs. This won't solve the problem of the spyware integrated with free software, as their installation was made by the PC user, even if he is usually unaware of the bundled spy module. But will stop your browser of being infected without your knowledge or permission, just because you checked what looked like a regular website when searching something in Google. Unfortunately, Microsoft doesn't provide tools to remove them directly, instead linking to third-parties supplying commercial software to do so.

How can they be removed?

There are several software programs to fight spyware. Some are paid, even for personal use, some are free for personal use only and some are plain free. There is a category of small, free software's, that address only one specific type of hijacker, and are usually very effective. A short and easy tutorial on how to use some of them, including the tool download, can be found here: CWShredder is one of the easiest and best, removing several variants of the same hijacker (CWS).

Be careful when using tools that instead of automatically removing the spyware, allow you to select and deleted settings on your PC, like Hijack This! You may removing something that look strange to you but is not only perfectly normal but even necessary to your PC. If you are a corporate user on a corporate PC, don't try to do anything. If suspicious, inform your IT helpdesk and request their help. 

Interested on Internet Privacy? Check this , clean your navigation trail!

Every time you use your browser, it will register information about the pages you visited. This can be annoying and even misused. You can manually clear most of this information, but it is a time consuming process. This macro is an Excel file and will run on any computer with Excel just by pressing one button. 

With it, you will be able to delete Internet Explorer's navigation trail on your PC (all records IE makes of what you've been seeing on the internet) as well as the recent file list of some common picture editing applications included in Windows and Office: Paint and Photo Editor, Windows itself and Windows Media Player. Since it is an Excel Macro, it runs inside Excel and doesn't need to be installed. As such, it will run on most PCs, even corporate ones. Really easy to use, just press the "Run" button.

Get it HERE.

How can I stay informed on this subject?

There is a very good, even if irregular, newsletter and website about spyware, at Their email newsletter can be subscribed here. Its content is not technical and is therefore suitable for everyone. 

February 2005 Update: Microsoft enters the Game

There is an important update on this subject. Reinforcing the growing importance of security and privacy issues, Microsoft itself has entered the browser hijacker detection and removal field. They acquired an existing company had published a website dedicated to this subject, including a FREE DOWNLOAD of a beta version of their future Browser Detection and Removal software.

It's worth checking, give it a try at

Useful Links (valid on the date of publication):

Notice that websites fighting spyware are common victims to access denial attacks and sometimes become unreachable. Doing a search in Google may work around this by finding alternative download addresses. Microsoft website can also be used for this effect.

Get FREE PC TIPS every month:



(c) 2004 - 2021 OfficeHelp.Biz