Shell Extension - A definition

The Microsoft Windows user interface enables to user to access and modify a range of objects necessary for managing the operating system. The most familiar of these objects are files and folders, which are stored on the hard-drive. Another example of these objects is the recycle bin. The shell organize these objects in a tree-structured hierarchy, and the user can interact with the objects through the shell's graphical user interface, Windows Explorer, or an application.

Third-party developer can extend the shell by using the Shell's application programming interface (API). A Shell Extension enables the third-party developer to run his program inside the Shell. This can be used for both good and bad. A legitimate example is to extend the shell with an object that represents a database or a FTP server that can be accessed from Windows Explorer. An illegitimate example is to extend the shell with a hidden adware object that opens pop-up windows.

As I see it, spyware and adware vendors benefit from choosing to implement their software as a Shell Extension. Firstly, a shell extension is tightly coupled with the operating system, making it more difficult to remove than a regular piece of software. Secondly, it can be harder, perhaps even for experienced users, to spot adware or spyware since it is running within the shell, thus making no appearance in the Task Manager, neither in the Application List nor in the Process list. Thirdly, taking into account that firewalls often operates at a granularity of processes and that the Windows Explorer process in many cases is allowed to connect to the Internet, a shell extension has very low probability of being spotted compared to regular software.

Related links

Bazooka - Free scan for spyware, adware, trojan horses, keyloggers, etc. Detects more than 500 potentially unwanted applications. Freeware!

The File Database - Search the file database for more information. Free!

PopUp Blocker Test - Find out if your pop-up killer can handle all pop-ups. Free!

Kephyr Labs - Find out what is going on at Kephyr. Try products in an early stage of development.

Read more about FreeFixer, Kephyr's latest spyware removal tool.
Home & Products |  Legal |  Privacy |  Search

© Kephyr, 2003-2012. HtmlTidy, HTML 4.01, CSS