SecurityXploded Blog

Quick Way to Enable/Disable BHO on the System

BHO stands for Browser Helper Objects which are plugins written for Internet Explorer to enhance its capabilities. These plugins are basically DLLs which are loaded by IE during the start.

But this feature is often misused by many spyware programs to monitor user’s browsing habits and steal the users credentials silently. Also some of the BHO’s gets loaded into explorer.exe resulting in the slow down of the system. There are lot of tools available such as  ‘BHORemover’ which helps in viewing all installed BHOs and removing them instantly.

So often times there is a need for completely disabling BHOs altogether. Especially on critical systems it is good security practice.

Newer versions of IE (IE7 onwards)  provide a way through ‘Manage Add-ons option’ to enable/disable individual BHOs selectively.

However there is a better way to globally disable all the BHOs  by simply setting the registry value ‘Enable Browser Extensions’ to value ‘no’.  This registry value is present at following location (as shown in the above screenshot)

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main

Note that you have to restart all instances of IE for this changes to take effect.

By default on the client systems (such as Windows XP, Windows Vista etc) this value is set to ‘yes’.  However on all server machines (such as Windows 2003,  Windows 7 server) it is set to ‘no’ for security reasons.

As this key is specific to user, changes made to this value will not be effective for other users in the system. Nevertheless it provides a convenient way to control loading of BHOs into Internet Explorer.

.

Leave a Reply