Disinfecting a PC… part 5



OK, we’re moving on to BHODemon to take care of the browser helper objects. Unfortunately, it looks like BHODemon is not currently being maintained; the developer has had a house fire.

I am very sorry, but BHODemon is currently on hiatus, as I no longer have the time to devote to it (due to a house fire). You will not be able to download updates or upload reports, and I will no longer be answering emails. At some point, BHODemon may return. I would like to thank everyone for their support over the years.


No date on that post, I do hope things go well for him. BHODemon is one of the smaller/easier tools I know of to identify browser helper objects.

Anyway, details on that next time… Here is a summary of some of the virus findings.

From AVG….

SecThought

The exact description is not available.

A Trojan Horse is a malicious application, which cannot spread itself. Original Trojan Horses were programs which acted as a useful utility. Although, in fact, their start used to cause damage to disc content (or part of it).

At the present time the most spreading Trojan Horses are BackDoor Trojans. They enable remote access to infected computers and PSW (Password Stealers) – they are trying to gather as much private information from the infected computer as possible and to send the info through the Internet.

To remove the Trojan Horse, it is enough to delete the detected file.

=================

BackDoor.Ruledor

The exact description is not available.

Backdoor Trojan horses usually install themselves after the Trojan horse file is run. They also allow remote access to the infected computer when connected to the internet.

In their least dangerous form they can cause the infected computer to download or upload specific files or run certain programs. More dangerous Trojan horses will allow the perpetrator full control of the infected computer.

=================

BackDoor.Small

The exact description is not available.

Backdoor Trojan horses usually install themselves after the Trojan horse file is run. They also allow remote access to the infected computer when connected to the internet.

In their least dangerous form they can cause the infected computer to download or upload specific files or run certain programs. More dangerous Trojan horses will allow the perpetrator full control of the infected computer.

=================

From Symantec…
File names: Jawa32.exe

When Spyware.Seekseek runs, it does the following:

1. Adds the registry keys:
* HKEY_CLASSES_ROOT\AdRotator.Application
* HKEY_CLASSES_ROOT\CLSID\{3E7145B1-EA07-42CE-9299-11DF39FF54BD}

2. Monitors visited Web sites and might redirect search queries to other sites.

Well, not much detail on those. AVG doesn’t get quite the detail that Symantec does in their encyclopedia, but it seems to effectively clean things out. Not going to waste time looking for other name information from other AV vendors.
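A read-only check for the two registry keys in the Symantec write-up, plus an inventory of registered browser helper objects with the DLL each one loads. This is an added example, not from the original post or from any of the tools it mentions; the BHO registry locations are the standard Internet Explorer ones and are an assumption here, since the post does not list them.

```powershell
# Added example: read-only, makes no changes to the registry.
# Indicators copied from the Symantec description quoted in the post.
$indicators = @(
    'Registry::HKEY_CLASSES_ROOT\AdRotator.Application',
    'Registry::HKEY_CLASSES_ROOT\CLSID\{3E7145B1-EA07-42CE-9299-11DF39FF54BD}'
)
foreach ($key in $indicators) {
    [pscustomobject]@{ Key = $key; Present = (Test-Path -LiteralPath $key) }
}

# Assumption: standard BHO registration points (native and 32-bit views),
# each paired with the CLSID tree that resolves its entries.
$views = @(
    @{ Bho   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Clsid = 'Registry::HKEY_CLASSES_ROOT\CLSID' },
    @{ Bho   = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Clsid = 'Registry::HKEY_CLASSES_ROOT\WOW6432Node\CLSID' }
)
$flagged = '{3E7145B1-EA07-42CE-9299-11DF39FF54BD}'

foreach ($view in $views) {
    if (-not (Test-Path -LiteralPath $view.Bho)) { continue }
    foreach ($bho in Get-ChildItem -LiteralPath $view.Bho) {
        $clsid  = $bho.PSChildName
        $srvKey = Join-Path $view.Clsid "$clsid\InprocServer32"
        $dll    = $null
        $sig    = 'n/a'
        if (Test-Path -LiteralPath $srvKey) {
            # The default value of InprocServer32 is the DLL the browser loads.
            $dll = [string](Get-Item -LiteralPath $srvKey).GetValue('')
            $dll = $dll.Trim('"')
            if ($dll -and (Test-Path -LiteralPath $dll)) {
                $sig = (Get-AuthenticodeSignature -FilePath $dll).Status
            } else {
                $sig = 'file missing'   # orphaned registration left after cleanup
            }
        }
        [pscustomobject]@{
            CLSID     = $clsid
            Dll       = $dll
            Signature = $sig
            Flagged   = ($clsid -ieq $flagged)   # matches the CLSID from the post
        }
    }
}
```

Entries with a missing file or an unsigned DLL are the ones to look up first; a `Flagged` row means the CLSID from the Symantec description is registered as a browser helper object on this machine.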
