Browser Helper Object Information

A Browser Helper Object (BHO) is a DLL module designed as a plugin for Microsoft's Internet Explorer web browser to provide added functionality. BHOs were introduced in October 1997 with the release of version 4 of Internet Explorer. Most BHOs are loaded once by each new instance of Internet Explorer. However, in the case of the Windows Explorer, a new instance is launched for each window.

Implementation

Each time a new instance of Internet Explorer starts, it checks the Windows registry for the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

If Internet Explorer finds this key in the registry, it looks for CLSID keys listed below it. The CLSID keys under Browser Helper Objects tell the browser which BHOs to load. Removing the registry key prevents the BHO from being loaded. For each CLSID that is listed below the BHO key, Internet Explorer calls CoCreateInstance to start the instance of the BHO in the same process space as the browser. If the BHO is started and implements the IObjectWithSite interface, it can control and receive events from Internet Explorer. BHOs can be created in any language that supports COM.[1]
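The load path described above can be audited read-only by walking the same key and resolving each CLSID to the DLL it would load. This is an added example, not part of the original article; the WOW6432Node paths (32-bit view on 64-bit Windows), the Classes\CLSID lookup location and the function name Get-BhoInventory are assumptions of the example, which expects a 64-bit PowerShell session.

```powershell
# Added example: read-only inventory of machine-wide BHO registrations.
# The WOW6432Node paths (32-bit registry view) are an assumption not taken from the page.
$views = @(
    @{ Bho   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Clsid = 'HKLM:\SOFTWARE\Classes\CLSID' },
    @{ Bho   = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Clsid = 'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID' }
)

function Get-BhoInventory {
    foreach ($view in $views) {
        if (-not (Test-Path -LiteralPath $view.Bho)) { continue }
        # Each subkey name under the BHO key is a CLSID the browser will instantiate.
        foreach ($sub in Get-ChildItem -LiteralPath $view.Bho) {
            $clsid  = $sub.PSChildName
            $clsKey = Join-Path $view.Clsid $clsid
            $inproc = Join-Path $clsKey 'InprocServer32'
            $name = $null; $dll = $null; $exists = $false; $sig = 'NoFile'

            if (Test-Path -LiteralPath $clsKey) {
                $name = (Get-Item -LiteralPath $clsKey).GetValue('')   # COM class display name
            }
            if (Test-Path -LiteralPath $inproc) {
                # The default value of InprocServer32 is the DLL loaded into the browser process.
                $dll = ([string](Get-Item -LiteralPath $inproc).GetValue('')).Trim('"')
            }
            if ($dll -and (Test-Path -LiteralPath $dll -PathType Leaf)) {
                $exists = $true
                $sig = [string](Get-AuthenticodeSignature -LiteralPath $dll).Status
            }

            [pscustomobject]@{
                Clsid     = $clsid
                Name      = $name
                Dll       = $dll
                DllExists = $exists      # false = orphaned or unresolved registration
                Signature = $sig         # e.g. Valid, NotSigned, HashMismatch
                View      = $view.Bho
            }
        }
    }
}

# Unsigned DLLs and entries whose DLL is missing sort to the top for review.
Get-BhoInventory | Sort-Object DllExists, Signature | Format-Table Clsid, Name, Dll, DllExists, Signature -AutoSize
```

The script only covers registrations under HKEY_LOCAL_MACHINE; a CLSID whose class is registered per-user will show up with an empty Dll column and needs a manual look.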

Examples of BHO

Some modules enable the display of different file formats not ordinarily interpretable by the browser. The Adobe Acrobat plug-in that allows Internet Explorer users to read PDF files within their browser is a BHO.

Other modules add toolbars to Internet Explorer, such as the Alexa Toolbar that provides a list of web sites related to the one you are currently browsing, or the Google Toolbar that adds a toolbar with a Google search box to the browser user interface.

The Conduit toolbars are based on a BHO that can be used on Internet Explorer 7 and up. This BHO provides a search facility that connects to Microsoft's Bing search. However, security firm Sophos is of the opinion that this BHO is malware that connects to malware-infected Internet content.

Concerns

The BHO API exposes hooks that allow the BHO to access the Document Object Model (DOM) of the current page and to control navigation. Because BHOs have unrestricted access to the Internet Explorer event model, some forms of malware have also been created as BHOs. For example, the Download.ject malware installs a BHO that activates upon detecting a secure HTTP connection to a financial institution, records the user's keystrokes (intending to capture passwords) and transmits the information to a website used by Russian computer criminals. Other BHOs, such as the MyWay Searchbar, track users' browsing patterns and pass the information they record to third parties.

Many BHOs introduce visible changes to a browser's interface, such as installing toolbars in Internet Explorer, but others run without any change to the interface. This makes it easy for malicious coders to conceal the actions of their browser add-on, especially since, after being installed, the BHO seldom requires permission before performing further actions. For instance, variants of the ClSpring trojan use BHOs to install scripts that carry out a number of instructions, such as adding and deleting registry values and downloading additional executable files, all without any visible sign to the user.[2] The DyFuCA spyware even replaces Internet Explorer's general error page with an ad page.

In response to the problems associated with BHOs and similar extensions to Internet Explorer, Microsoft debuted an Add-on Manager in Internet Explorer 6 with the release of Service Pack 2 for Windows XP (updating it to IE6 Security Version 1, a.k.a. SP2). This utility displays a list of all installed BHOs, browser extensions and ActiveX controls, and allows the user to enable or disable them at will. There are also free tools (such as BHODemon) that list installed BHOs and allow the user to disable malicious extensions. Spybot S&D's advanced mode has a similar built-in tool that allows the user to disable installed BHOs. Many anti-spyware applications also offer the capability to block the download or installation of BHOs identified as malicious.

In IE9 Beta, BHOs and toolbars are not loaded when a link pinned to the taskbar is accessed.

References

  1. ^ Roberts Scott, Programming Microsoft Internet Explorer 5, Microsoft Press, 1999, ISBN 0-7356-0781-8
  2. ^ Computer Associates malware entry at http://www.ca.com/us/securityadvisor/virusinfo/virus.aspx?id=42280, retrieved 1/16/2009

The above information uses material from Wikipedia and is licensed under the GNU Free Documentation License.
Some facts may not have been fully verified for accuracy.
This page was last archived by our server on Fri Sep 9 02:56:35 2011.