Re: What is this IE Add-On?

You're saying you don't know, or don't care to tell me, what DLL stands for? 
Or you think I'll get a history of how the word "object" came to be used in 
computerese by googling the word "object?" Not sure where you're coming 
from.
Thanks very much.

----- Original Message ----- 
From: "Robert S. Batchelor" <leehigh73@xxxxxxxxxxx>
To: <jfw@xxxxxxxxxxxxx>
Sent: Thursday, February 22, 2007 11:24 AM
Subject: RE: What is this IE Add-On?


Bird,
 for lingo terms you are interested in learning what they mean a Google
search is usually uour best reference point to start;

A Browser Helper Object (BHO) is a DLL module designed as a plugin for
Microsoft's Internet Explorer web browser to provide added functionality.
BHOs were introduced in October 1997 with the release of version 4 of
Internet Explorer. Most BHOs are loaded once by each new instance of
Internet Explorer. However, in the case of the Windows File Explorer, a new
instance is launched for each window.

Some modules enable the display of different file formats not ordinarily
interpretable by the browser. The Adobe Acrobat plugin that allows Internet
Explorer users to read PDF files within their browser is a BHO.

Other modules add toolbars to Internet Explorer, such as the Alexa Toolbar
that provides a list of web sites related to the one you are currently
browsing, or the Google Toolbar that adds a toolbar with a Google search box
to the browser user interface.

Contents [hide]
1 Concerns
2 See also
3 External links
3.1 Microsoft sites
3.2 Listings and examples
3.3 Removal tools



[edit] Concerns
The BHO API exposes hooks that allow the BHO to access the Document Object
Model (DOM) of the current page and to control navigation. Because BHOs have
unrestricted access to the Internet Explorer event model, some forms of
malware have also been created as BHOs. For example, the Download.ject
exploit installed a BHO that would activate upon detecting a secure HTTP
connection to a financial institution, record the user's keystrokes
(intending to capture passwords) and transmit the information to a website
used by Russian computer criminals. Other BHOs such as the MyWay Searchbar
track users' browsing patterns and pass the information they record to third
parties.

In response to the problems associated with BHOs and similar extensions to
Internet Explorer, Microsoft added an Add-on Manager to Internet Explorer
with the release of Service Pack 2 for Windows XP. This displays a list of
all installed BHOs, browser extensions and ActiveX controls, and allows the
user to enable or disable them at will.

For users that are not using Windows XP, there are free tools (such as
BHODemon) that list installed BHOs and allow the user to disable malicious
extensions.

Many BHOs actually install toolbars in Internet Explorer. It is therefore
possible that a PC contains BHOs that the owner doesn't know about. The
security risk here is that the BHO doesn't need any kind of permission to
install malicious components and thus spyware may be spread without the
user's knowledge.

Since it's relatively easy to write BHOs, many badly written BHOs will harm
the computer and compromise its security, and even sometimes destroy
valuable data or corrupt system files.
*********

And. . . .

instances
Published: November 01, 2004
Send your feedback
Introduction
Browser Helper Objects (BHOs) are in-process Component Object Model (COM)
components-that Internet Explorer will load each time it starts up. Such
objects run in the same memory context as the browser and can perform any
action on the available windows and modules. BHOs are triggered for each
Internet Explorer and Explorer processes (iexplore.exe and explorer.exe
processes). This means that BHOs are loaded each time when you open a folder
window or Control Panel. Usually, there is no need to load all the BHOs for
folder windows or while opening Control Panel. In such case, you can prevent
a BHO from loading with Explorer.exe process.

Though I've not benchmarked the results (Resources occupied by Explorer.exe
with BHO loaded, and without a BHO loaded), I believe it should improve the
performance, (theoretically speaking).

Open Registry Editor and navigate to the following key:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \
Explorer \ Browser Helper Objects

You'll see some sub-keys in GUID format, depending upon the number of BHOs
installed in your system. Say, if you want to disable EERedirect.Handler BHO
(which I use only for Internet Explorer) from loading with Explorer.exe
process, select the appropriate GUID. In the right-pane, add a new REG_DWORD
named NoExplorer and set it's value to 1

Example: EERedirect Handler's GUID is
{F02B00B3-A88C-4EF1-98FE-557F1DAF6E4D}.

Add the NoExplorer REG_DWORD in the right-pane of this key:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \
Explorer \ Browser Helper Objects\ {F02B00B3-A88C-4EF1-98FE-557F1DAF6E4D}

Now, EERedirect.Handler BHO will not load when you open a folder, or Control
Panel window, but loads with IExplorer.exe instances.

You can easily verify the results using a Process monitoring tool such as
Process Explorer (from sysinternals.com).

Related resources
Browser Helper Objects:The Browser the Way You Want It

Disable or delete a BHO using ToolbarCop




---------------------------------------------------------------------
Eliminate annoying spam!

My mailbox is protected by iHateSpam, the #1-rated spam buster.
http://www.ihatespam.net


-----Original Message-----
From: jfw-bounce@xxxxxxxxxxxxx [mailto:jfw-bounce@xxxxxxxxxxxxx] On Behalf
Of Yardbird
Sent: Thursday, February 22, 2007 11:43 AM
To: jfw@xxxxxxxxxxxxx
Subject: Re: What is this IE Add-On?

Thanks. Now may I ask what a browser helper object is, in plain English? For
instance, I've never gotten the hang of how the term "object" is used in
computer lingo. So could you paraphrase that in a more colloquial way? For
instance, does "B H O"mean an aftermarket accessory to improve the
performance of the browser in some way? And in what sense is that an
"object," in ordinary terms? The use of the word "object" in these contexts
must, it seems to me, have some sort of metaphorical meaning that's been
adopted in computer talk, because it doesn't seem it means physical objects,
or something to be acted upon by something else, as in "the object of my
affections," for instance.

Please note: This is a sincere question about English usage, not sarcasm. So
if no one knows, because everyone's just sort of absorbed these expressions,
okay, I'll accept that. But please no flaming or insults. Thanks.


thanks.


----- Original Message -----
From: "Robert S. Batchelor" <leehigh73@xxxxxxxxxxx>
To: <jfw@xxxxxxxxxxxxx>
Sent: Thursday, February 22, 2007 7:43 AM
Subject: RE: What is this IE Add-On?


Browser Helper Object




---------------------------------------------------------------------
Eliminate annoying spam!

My mailbox is protected by iHateSpam, the #1-rated spam buster.
http://www.ihatespam.net


-----Original Message-----
From: jfw-bounce@xxxxxxxxxxxxx [mailto:jfw-bounce@xxxxxxxxxxxxx] On Behalf
Of Yardbird
Sent: Thursday, February 22, 2007 10:37 AM
To: jfw@xxxxxxxxxxxxx
Subject: Re: What is this IE Add-On?

What is the BHO?

----- Original Message -----
From: "Cher Bosch" <Cher.Bosch@xxxxxxxxxxx>
To: <jfw@xxxxxxxxxxxxx>
Sent: Thursday, February 22, 2007 6:59 AM
Subject: Re: What is this IE Add-On?


Found the answer... It's the BHO (what shows up if you have Spybot S&D
installed).

Cher



>>> "Cher Bosch" <Cher.Bosch@xxxxxxxxxxx> 02/22/07 8:43 AM >>>

Under Manage Add-ons
Show: Add-ons currently loaded in Internet Explorer
there is this entry...
{53707962-6F74-2D53-... Safer Networking Ltd. Enabled Browser Helper
Object SDHelper.
Does anyone know if this is this legit or malware?

Cher




----------------------------------------------------------------------------
----


No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.441 / Virus Database: 268.18.3/696 - Release Date: 2/21/2007
3:19 PM

--
JFW related links:
JFW homepage: http://www.freedomscientific.com/
Scripting mailing list:
http://lists.the-jdh.com/listinfo.cgi/scriptography-the-jdh.com
JFW List instructions:
To post a message to the list, send it to jfw@xxxxxxxxxxxxx
To unsubscribe from this mailing list, send a message to
jfw-request@xxxxxxxxxxxxx with the word unsubscribe in the subject line.
Archives located at: http://www.freelists.org/archives/jfw

If you have any concerns about the list, post received from the list, or the
way the list is being run, do not post them to the list. Rather contact the
list owner at jfw-admins@xxxxxxxxxxxxxx

__________ NOD32 2075 (20070222) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com


--
JFW related links:
JFW homepage: http://www.freedomscientific.com/
Scripting mailing list:
http://lists.the-jdh.com/listinfo.cgi/scriptography-the-jdh.com
JFW List instructions:
To post a message to the list, send it to jfw@xxxxxxxxxxxxx
To unsubscribe from this mailing list, send a message to
jfw-request@xxxxxxxxxxxxx with the word unsubscribe in the subject line.
Archives located at: http://www.freelists.org/archives/jfw

If you have any concerns about the list, post received from the list, or the

way the list is being run, do not post them to the list. Rather contact the
list owner at jfw-admins@xxxxxxxxxxxxxx



-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.441 / Virus Database: 268.18.3/696 - Release Date: 2/21/2007
3:19 PM


--
JFW related links:
JFW homepage: http://www.freedomscientific.com/
Scripting mailing list:
http://lists.the-jdh.com/listinfo.cgi/scriptography-the-jdh.com
JFW List instructions:
To post a message to the list, send it to jfw@xxxxxxxxxxxxx
To unsubscribe from this mailing list, send a message to
jfw-request@xxxxxxxxxxxxx with the word unsubscribe in the subject line.
Archives located at: http://www.freelists.org/archives/jfw

If you have any concerns about the list, post received from the list, or the
way the list is being run, do not post them to the list. Rather contact the
list owner at jfw-admins@xxxxxxxxxxxxxx

__________ NOD32 2075 (20070222) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com


--
JFW related links:
JFW homepage: http://www.freedomscientific.com/
Scripting mailing list: 
http://lists.the-jdh.com/listinfo.cgi/scriptography-the-jdh.com
JFW List instructions:
To post a message to the list, send it to jfw@xxxxxxxxxxxxx
To unsubscribe from this mailing list, send a message to 
jfw-request@xxxxxxxxxxxxx with the word unsubscribe in the subject line.
Archives located at: http://www.freelists.org/archives/jfw

If you have any concerns about the list, post received from the list, or the 
way the list is being run, do not post them to the list. Rather contact the 
list owner at jfw-admins@xxxxxxxxxxxxxx



-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.441 / Virus Database: 268.18.3/697 - Release Date: 2/22/2007 
11:55 AM

--
JFW related links:
JFW homepage: http://www.freedomscientific.com/
Scripting mailing list: 
http://lists.the-jdh.com/listinfo.cgi/scriptography-the-jdh.com
JFW List instructions:
To post a message to the list, send it to jfw@xxxxxxxxxxxxx
To unsubscribe from this mailing list, send a message to 
jfw-request@xxxxxxxxxxxxx with the word unsubscribe in the subject line.
Archives located at: http://www.freelists.org/archives/jfw

If you have any concerns about the list, post received from the list, or the 
way the list is being run, do not post them to the list. Rather contact the 
list owner at jfw-admins@xxxxxxxxxxxxxx

Other related posts: