This section provides a quick description of Spybot IE spyware blocker, SDHelper.dll and a tutorial example on how to setup SDHelper.dll to show which spyware tracking cookies are blocked.
After I installed Spybot - Search & Destroy, I notice that
an IE browser helper object has been installed on my computer. See this entry in the HijackThis report:
My guess is that SDHelper.dll is running to prevent spyware infecting my computer through IE.
Here is what I did to test this:
1. Close all IE browser windows.
2. Run Spybot and click Immunize. It will check the current IE immunity.
3. When the checking is done, make "Enable permanent blocking of bad addresses in Internet Explorer" checked.
And select "Ask for blocking confirmation" in the dropdown option list.
4. Run IE browser and visit htt://www.cnn.com. A number of Spybot-S&D Resident
confirmation dialog boxes show up. One of them looks like this:
5. Read the confirmation message on the dialog box: Spybot-S&D reports that you want to download "/Advertising.com".
This is a known threat. Do you want to BLOCK this download?".
6. Click Yes to all confirmation dialog boxes.
What is actually reported by Spybot is that some other Websites used by the CNN home page
are trying to send potential spyware tracking cookies to my computer. The word "download"
used in the confirmation message is not accurate. IE will not automatically download anything
to my computer. Only some cookie data are stored as cookie files.
As you can see, Spybot is doing a good job to watch out any tracking cookies from any Website
that is on the big list of known spyware Websites.
If you like to keep this IE spyware blocker, you can change the Spybot immunize option to "Block all bad pages silently".
So you don't see the confirmation dialog boxes.
