Difference between revisions of "Winsock"

From SpybotWiki
Jump to: navigation, search
(New page: Important: the anywhere boolean determines whether the driver name field needs a full or partial match. Filename with wildcards OR ALGO-PREFIXED, or a GUID. ==Usage== Winsock:[driver nam...)
 
m (Similar commands: added WinSecCenter)
 
(7 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Important: the anywhere boolean determines whether the driver name field needs a full or partial match. Filename with wildcards OR ALGO-PREFIXED, or a GUID.
+
{{SbiCmdInfo
 +
|SYNTAX = Winsock
 +
|PENAME = SpybotSD.exe
 +
|PEVERSION = 1.3 or later
 +
|GROUP = Windows API
 +
|MINUPDATE = n/a
 +
|ADVFILEPARAMS = no
 +
|ADVREGPARAMS = no
 +
|ADVBUILDPARAMS = yes (fourth)
 +
|ADVSPECIALPARAMS = no
 +
}}Can be used to remove Layered Service Providers.
 +
Special care needed. Do not use without asking official advise!
  
 
==Usage==
 
==Usage==
  Winsock:[driver name],[(boolean)anywhere],[filename],<advanced build parameters>
+
  Winsock:<drivername(string)>,<anywhere(boolean)>,<filename(string)>[,advanced build parameters]
  
 
===Examples===
 
===Examples===
   
+
  Winsock:"MalwareLSPName","0"
 +
Would detect all drivers whose names begin with MalwareLSPName.
  
 
===Description===
 
===Description===
 +
This is a very powerful command, allowing you to remove Winsock driver entries, which is an absolute necessity before removing the associated files, since otherwise Internet access will be broken. Take special care with generic names; often, both malware and legit applications have just copied sample code without even changing the default driver name.
 +
 +
# The first parameter may be either a full or partial name.
 +
# The second parameter needs to be set to ''1'' to allow substring matching anyway, set to ''0'' to have the matching begin at the first letter.
 +
# The filename field supports [[AlgoPrefix|Algo-Prefixes]].
 +
 +
===Scan Results===
 +
* A special entry allowing you to properly remove the problem using the Windows API.
  
 
==See also==
 
==See also==
+
* [[Advanced build parameters]]
 +
* [[AlgoPrefix]]
 +
 
 
===Similar commands===
 
===Similar commands===
 +
* [[HostRedirect]]
 +
* [[TCPIPAddress]]
 +
* [[WinSecCenter]]
  
 
[[Category:SBI Commands]]
 
[[Category:SBI Commands]]
[[Category:SBI Commands (current)]]
 
[[Category:ToDo]]
 

Latest revision as of 09:47, 29 May 2008

Winsock
Group Windows API
Main Application Version 1.3 or later
Required Update n/a
File Parameters no
Registry Parameters no
Build Parameters yes (fourth)
Special Parameters no

Can be used to remove Layered Service Providers. Special care needed. Do not use without asking official advise!

Usage

Winsock:<drivername(string)>,<anywhere(boolean)>,<filename(string)>[,advanced build parameters]

Examples

Winsock:"MalwareLSPName","0"

Would detect all drivers whose names begin with MalwareLSPName.

Description

This is a very powerful command, allowing you to remove Winsock driver entries, which is an absolute necessity before removing the associated files, since otherwise Internet access will be broken. Take special care with generic names; often, both malware and legit applications have just copied sample code without even changing the default driver name.

  1. The first parameter may be either a full or partial name.
  2. The second parameter needs to be set to 1 to allow substring matching anyway, set to 0 to have the matching begin at the first letter.
  3. The filename field supports Algo-Prefixes.

Scan Results

  • A special entry allowing you to properly remove the problem using the Windows API.

See also

Similar commands