BHO Set IE plugin

IE plug-in is already not a new thing, in the IE4 era, but with the proliferation of malicious plug-ins, and once again by people attention. At present, many websites are being hung by horses under unconscious or conscious circumstances, allowing users to download. cab automatic installation, so that users of malicious IE plug-ins. Or when the user installs a software from a third party website, the installation process looks at everything normal, but in this unknowingly users on the malicious IE plug-ins. Malicious IE plug-ins are really evil, random pop-up ads window, bullets do not play some good ads, tamper with HTML content, embedded in the IFrame, tampering with search engine results, tampering with the href link address. Because of the proliferation of malicious plug-ins, just like 360safe such a good dongdong.


There are three main types of IE Plug-ins:
1. ActiveX control.
2. Browser Helper Object (BHO).
3. Browser Extensions.


ActiveX control such as: Flash, bank-specific input boxes, and so on.
Browser Extensions http://msdn2.microsoft.com/en-us/library/aa753587 (vs.85). aspx For example: Zend Studio, the Hao side vs platform and so on. Browser extensions mainly expands IE ToolBar contextmenu and so on.
Browser Helper Object (BHO) is the root of IE malicious plug-ins (like COM IUnknown), most IE malicious plug-ins are a BHO.

Dino Esposito A detailed example of BHO"How to use BHO to customize your Internet Explorer browser"
English Original:
Http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwebgen/html/bho.asp
Chinese translation:
http://www.vckbase.com/document/viewdoc/?id=1426
The corresponding sample program in the article downloads the address:
http://support.microsoft.com/kb/179230

This is because of this sample program: Iehelper spawned a lot of IE plug-ins, if the search IEHelper.exe with Baidu is the first search is a malicious ie plug-ins.

Most of the articles on IE Plug-ins are based on VC6, the General sample program conversion to VS2005 under the compiler error, and the article also did not detail how to install and debug bho.
The content below is through to Dino Esposito "How to use BHO to customize your Internet Explorer browser" to extract the core content of bho, write an IE bho plug-in, the main role of this plug-in is to screen all the pictures in the page, when the page is displayed , so that all the pictures are not displayed. The principle and working mechanism of specific BHO in Dino Esposito's "How to use BHO to customize your Internet Explorer browser", this is not the way to swim. :)
Download this BHO, with VS2005 Open, F5 directly run, if the breakpoint can be normal break, this bho in your VS2005 under all normal.



You can use this BHO to learn bho or further BHO development in a friendly IDE environment such as VS2005.
If the breakpoint cannot be broken, there is a problem with the BHO installation.
Install bho: BHO is a com,bho installation process is actually a COM registration process, that is, the COM UUID correctly registered in the registry. Open Wipeimg.rgs will see:



The Browser helper Objects in the Noremove Browser helper Objects is to be on the BHO name pair in the registry, and this key is in the hkey_local_machine/software/microsoft/ windows/currentversion/explorer/under.
VS2005 automatically registers this key value in the registry after F5 runs.



This BHO can also be seen in the Manage add-ons of IE



If the BHO name in your registry is not a browser Helper Objects, you need to modify it in Wipeimg.rgs to be consistent.

Debug bho: BHO is a DLL, its entry is dllmain,dll need a running container to run it, BHO container is IEXPLORE. Exe. VS2005 will pop up when you first run the dialog box where you choose to run the container you need to select IEXPLORE.EXE, if your default browser is IE you can also choose the default browser. If the default browser is not IE here you need special attention.



By completing the configuration above, this BHO will be free to debug in your VS2005. :)