This is my first time using this forum, so if Ive made any mistakes or have put this in the wrong forum area I apologise.

Over the last few weeks my computer has appeared to be running slow, so thinking I had a virus I asked a friend could he suggest trying to help me find out why my computer was running slower, I told him I was using Spyware Doctor and AVG, he suggested I tried Trend Online Housecall virus/trojan checker, this I did and it finds that I am infected with Adware_Bhot_Iehelper, Trend Micro Online Housecall allows you to remove this, although after rebooting my machine it would appear that Adware_Bhot_Iehelper haw not been removed, my question is why isnt Spyware Doctor finding this infection ?, and next does anyone have any suggestions on what I can do to remove Adware_Bhot_Iehelper from my system.

I reported this to Spyware Doctor support over a week ago and recieved a ticket number, but other than the automated ticket there has been no real reply to my problem.

Hi
Please run a full scan of Spyware Doctor in Safe Mode.
To go into Safe Mode please do the following:
Restart your PC
Before Windows starts press F8 and use the cursor keys to select Safe Mode (If the normal Windows logon screen appears, please try again)
Enter your normal username and password
Run Spyware Doctor
Please post any results found
If Spyware Doctor does not detect anything, please run the [b]Malware Detective[b] Tool and submit the log to PC Tools for analysis
Hope that helps

.. I tried Trend Online Housecall virus/trojan checker, this I did and it finds that I am infected with Adware_Bhot_Iehelper, Trend Micro Online Housecall allows you to remove this, although after rebooting my machine it would appear that Adware_Bhot_Iehelper haw not been removed, my question is why isnt Spyware Doctor finding this infection ?, and next does anyone have any suggestions on what I can do to remove Adware_Bhot_Iehelper from my system..

Not to worry, Trend Micro and other Antispyware apps (until recently even Spy sweeper) falsely identify Adware_Bhot_Iehelper presence whenever SD version is installed. The false positive(FP) is just IE browser protection by SD.

If you unistall SD and clean it it will go for good. Re-install SD it will show again. However a genuine Adware_Bhot_Iehelper is very old, ever since 2002 i think, that one will be detected by SD as well. Trend Micro must attend to the FP. :cool:

mjq424

I have carried out your recommendations, and SD didnt find anything in safe mode, I havent as yet decided to do the Malaware detective as Ive sent a report to SD over a week ago (still no response from them ) and I dont want to confuse the issue, I will wait to see if they reply to my email I sent to them earlier today before doing anything else, but thnx for your input.

hi
you should be able to find and remove this with pandas online scanner (there is a link in my signature below)

(http://www.kaspersky.com/virusscanner)

Hi
Please run a full scan of Spyware Doctor in Safe Mode.
To go into Safe Mode please do the following:
Restart your PC
Before Windows starts press F8 and use the cursor keys to select Safe Mode (If the normal Windows logon screen appears, please try again)
Enter your normal username and password
Run Spyware Doctor
Please post any results found
If Spyware Doctor does not detect anything, please run the [b]Malware Detective[b] Tool and submit the log to PC Tools for analysis
Hope that helps
you need to delete this post. you cost me an hour of wasted time!:mad:

like ngwana said, trendmicro's "housecall", as well as their antispyware scan, is very prone to having "false-positives"..

Hi Ripvanwinkle
I am very sorry to hear that my instructions caused you problems. Was there anything in particular that caused an issue?

..and I dont want to confuse the issue, I will wait to see if they reply to my email I sent to them earlier today before doing anything else, but thnx for your input.

I guess you are still waiting for PC Tools mail or reply. I hope the issue is resolved.

Pls be assured that the FP (BHO_IEHELPER) is common when there is another app that monitors ActiveX components like Spyware Doctor. I am not trying to defend SD in anyway or mislead you to ignore the issue. There is really nothing to worry about.

The real Adware_Bhot_Iehelper will be detected by SD without a problem. :cool:

This is my first time using this forum, so if Ive made any mistakes or have put this in the wrong forum area I apologise.

Over the last few weeks my computer has appeared to be running slow, so thinking I had a virus I asked a friend could he suggest trying to help me find out why my computer was running slower, I told him I was using Spyware Doctor and AVG, he suggested I tried Trend Online Housecall virus/trojan checker, this I did and it finds that I am infected with Adware_Bhot_Iehelper, Trend Micro Online Housecall allows you to remove this, although after rebooting my machine it would appear that Adware_Bhot_Iehelper haw not been removed, my question is why isnt Spyware Doctor finding this infection ?, and next does anyone have any suggestions on what I can do to remove Adware_Bhot_Iehelper from my system.

I reported this to Spyware Doctor support over a week ago and recieved a ticket number, but other than the automated ticket there has been no real reply to my problem.

Could you please PM me the ticket number so I can have a look at what happened to your ticket. Also, we can find out more about the infection you have and how to remove this.

Thank you,

Support

i read a post in another forum where a person's computer was running slow.. they contacted "tech support" and tech support ran diagnostics on their computer and found that the person had multiple "toolbars" installed, and they thought that that was the problem.. the person allowed "tech support" to remove the toolbars, by remote control, and that resolved the problem.. (i have seen some hijackthis logs where people had multiple toolbars installed)..

if you have "hijackthis", you could post a hijackthis log.. then we could see exactly what "BHO" it is that trendmicro's housecall is flagging..

I am still awaiting an explanation from SD to help me with this.

I list below the latest reply from SD dated 25th May

Thank you for running Malware Detective.

I am sorry to hear the problems that you are currently experiencing.

The problem that you are experiencing is a new known issue with Spyware Doctor. Our development team is currently aware of this issue and are working on resolving the problem shortly.

Please make sure to keep Smart Updating as the problem should be fixed very shortly with a new version of the tool that is causing the error.


Kind Regards,


Lily Chan
Customer Support Representative
PC Tools Customer Support Services
______________________________

Please make sure to keep Smart Updating as the problem should be fixed very shortly with a new version of the tool that is causing the error. Kind Regards,
Lily Chan
Customer Support Representative
PC Tools Customer Support Services
______________________________

Now you are in good hands, good luck. I am shocked it seems the issue is new to PC Tools. The hoopla about Adware_Bhot_Ihelper or HBO.Adware.Estalive or anything the security vendors want to call it has been around for for a while. :D

Hi Everyone,

It appears from this thread that this could possibly be a FP. Can we get a screenshot of the detection and we'll investigate this further.

Hi,

Housecall also detected Adware_Bhot_Iehelper in my computer but according to Jason Kim of PC Tools it seems to be false positive.

Hi,

Housecall also detected Adware_Bhot_Iehelper in my computer but according to Jason Kim of PC Tools it seems to be false positive.

Hey Jeffre, can you attach a screenshot of the detection to this thread.

I've also ran the Malware Detective and sent the log to PC Tools and the response was it seems to be false positive.

Housecall finds the exact same screen as Jeffre has attached and yet the email I got from Lily Chan appears to say that I have something different ?

It would be kind of nice if PC Tools kept us informed of what is actually happening, the reason I say this is, that some are saying its a False Positive and yet PC Tools is saying its something new and their working on it ??? :mad:

Housecall finds the exact same screen as Jeffre has attached and yet the email I got from Lily Chan appears to say that I have something different ?

It would be kind of nice if PC Tools kept us informed of what is actually happening, the reason I say this is, that some are saying its a False Positive and yet PC Tools is saying its something new and their working on it ??? :mad:


If it is a FP then yes they would be working on it makes sence huh !

Hi,

Here's an update. Jason Kim of PC Tools emailed me again saying It's False Positive and HouseCall should address this issue. They will be contacting them shortly to resolve this issue asap.

What concerns me its now been over 2 weeks and really no satisfactory answer from PC Tools about what is being done about my problem, or they don't know, or don't care that they accept our cash, but don't appear to care ?

Come on guys were paying good cash for this program.

PC Tools has nothing to do with this. Another program is detecting a file from SD which appears to be a false positive. The other program has to remove the file from the database. PC Tools has no control over other applications on what it picks up. They can only contact the company to remove this from the database, but its up to the other company to take action.

Cheers,
Chippa

PC Tools has nothing to do with this. Another program is detecting a file from SD which appears to be a false positive. The other program has to remove the file from the database. PC Tools has no control over other applications on what it picks up. They can only contact the company to remove this from the database, but its up to the other company to take action.

Cheers,
Chippa

I'm not quite sure that I agrees with You. SD adds False Positive's as protection. Who is to blame? The one putting them there or the ones detecting them?
By right the other application should detect them and try to remove them.
I think it is more back to the common rule of not running more than one app (active) at the time, but use one or more extra for scanning.
If SD had a list of 'fals positives' it adds available somewhere, the problem might not be that big, it would just be to check versus the list.

I'm not quite sure that I agrees with You. SD adds False Positive's as protection. Who is to blame? The one putting them there or the ones detecting them?

I hope this helps:

False positives cannot really be blamed on anyone. Sometimes the 'names' given to signature files of spyware are too simple. As an example of what used to be a common false positive: There was a genuine spyware file known as PC Agent(pca) but at the same time SoundFordge/Sonymedia were using music applications that had an extension .pca( perfect clarity audio). As a result any person who installed such audio applications would get a PC Agent false positive due to presence of the .pca extension. The antispyware vendors were alerted and they rectified the issue.

In this case there exists dangerous spyware that behave as Browser Help Objects(BHO, to hijack the browser (especially IE ). What very advanced Antispyware products like SD do is to monitor and protect attempts by some spyware to masquerade as genuine BHOs. This is a recent preventative technology that some Antispyware products get confused about since they cannot interpret the registry properly. The company that has a false positive must be contacted to be able to detect a genuine Adware_Bhot_ihelper at the same time not getting confused about the presence of another antispyware product. :cool:

Thnx for all those offering me advice, but I'm getting a little annoyed that SD themselves have not had the decency to at least email me or even post a message here to let me know that they are trying to sort this query re Lily Chan's Email to me with this quote

"The problem that you are experiencing is a new known issue with Spyware Doctor. Our development team is currently aware of this issue and are working on resolving the problem shortly"

or that this problem maybe a FP, to this date no one from SD has confirmed one way or another, which IMHO sux.

Hi All,

Adware_Bhot_Ihelper also know as HBO.Adware.Estalive: Software that displays pop-up/pop-under advertisements when the primary user interface is not visible, or which do not appear to be associated with the product.

When the Spyware Doctor Immunization is activated, Spyware Doctor creates a key which occupies the registry location where Estalive would normally infect your computer, as a result Estalive will fail to install.

Since Spyware Doctor adds an entry in this particular key other malware applications are generating false positives relating to the Estalive/ Adware_Bhot_Ihelper infection.

Please be assured that Spyware Doctor is not infecting your computer, we have contacted Trend Micro about this detection and are awaiting a fix.

Thank you for keeping me updated its appreciated.