Difference between revisions of "BrowserHelperEx"
(→Description) |
(→Usage: added var types) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | The most common way spy- and adware links into Internet Explorer is creating a browser helper object. | + | {{SbiCmdInfo |
+ | |SYNTAX = BrowserHelperEx | ||
+ | |PENAME = SpybotSD.exe | ||
+ | |PEVERSION = 1.5.2 or later | ||
+ | |GROUP = Registry | ||
+ | |MINUPDATE = n/a | ||
+ | |ADVFILEPARAMS = yes (second) | ||
+ | |ADVREGPARAMS = no | ||
+ | |ADVBUILDPARAMS = yes (second) | ||
+ | |ADVSPECIALPARAMS = [[flagfile]]<br />[[flagifnofile]] | ||
+ | }}The most common way spy- and adware links into Internet Explorer is creating a browser helper object. | ||
This is an advanced version of the [[BrowserHelper]] command. | This is an advanced version of the [[BrowserHelper]] command. | ||
==Usage== | ==Usage== | ||
− | BrowserHelperEx: | + | BrowserHelperEx:<bho-name/clsid-name(string)>[,advanced file parameters] |
===Examples=== | ===Examples=== | ||
Line 12: | Line 22: | ||
# The first parameter can identify both the BHO name, or the name of the class associated with the BHO. {{AlgoPrefix}} | # The first parameter can identify both the BHO name, or the name of the class associated with the BHO. {{AlgoPrefix}} | ||
− | # The second parameter, though optional, is highly recommended to refine the scan to be limited to BHO that point to a to be identified file, where the filename is gathered from the CLSID associated with the BHO. | + | # The second parameter, though optional, is highly recommended to refine the scan to be limited to BHO that point to a to be identified file, where the filename is gathered from the CLSID associated with the BHO. Contrary to [[BrowserHelper]], this is tied stronger to the file though, you need [[flagifnofile]] if you want to flag the BHO even if the file does not exist. |
+ | |||
+ | Important to point out is that while this is actually named after BHOs, it also detects Internet Explorer toolbars and Windows Explorer toolbars. | ||
+ | |||
+ | ===Scan Results=== | ||
+ | * The BHO/toolbar registry entry identified by the first parameter; or a BHO/toolbat registry associated with the CLSID identified by the first parameter. | ||
+ | * If the first parameter identifies a CLSID, the CLSID in addition to the associated BHO. | ||
+ | * If you set ''[[flagfile]]'', the associated file will also be flagged. | ||
==See also== | ==See also== | ||
− | + | * [[Advanced file parameters]] | |
===Similar commands=== | ===Similar commands=== | ||
Line 23: | Line 40: | ||
[[Category:SBI Commands]] | [[Category:SBI Commands]] | ||
− | [[Category:SBI Commands | + | [[Category:SBI Commands supporting AlgoPrefix]] |
Latest revision as of 15:55, 22 February 2008
BrowserHelperEx | |
Group | Registry |
Main Application | Version 1.5.2 or later |
Required Update | n/a |
File Parameters | yes (second) |
Registry Parameters | no |
Build Parameters | yes (second) |
Special Parameters | flagfile flagifnofile |
The most common way spy- and adware links into Internet Explorer is creating a browser helper object. This is an advanced version of the BrowserHelper command.
Usage
BrowserHelperEx:<bho-name/clsid-name(string)>[,advanced file parameters]
Examples
See BrowserHelper.
Description
While using RegyKey might be more fitting for just matching a browser helper object with a static name, you might encounter situations where a random name requires you to use the name of the associated class, or properties of the file the browser helper points to.
- The first parameter can identify both the BHO name, or the name of the class associated with the BHO. AP
- The second parameter, though optional, is highly recommended to refine the scan to be limited to BHO that point to a to be identified file, where the filename is gathered from the CLSID associated with the BHO. Contrary to BrowserHelper, this is tied stronger to the file though, you need flagifnofile if you want to flag the BHO even if the file does not exist.
Important to point out is that while this is actually named after BHOs, it also detects Internet Explorer toolbars and Windows Explorer toolbars.
Scan Results
- The BHO/toolbar registry entry identified by the first parameter; or a BHO/toolbat registry associated with the CLSID identified by the first parameter.
- If the first parameter identifies a CLSID, the CLSID in addition to the associated BHO.
- If you set flagfile, the associated file will also be flagged.