Disinfecting a PC… part 5



OK, we’re moving on to BHODemon to take care of the browser helper objects. Unfortunately it looks like BHODemon is not currently being maintained; the developer has had a house fire.

I am very sorry, but BHODemon is currently on hiatus, as I no longer have the time to devote to it (due to a house fire). You will not be able to download updates or upload reports, and I will no longer be answering emails. At some point, BHODemon may return. I would like to thank everyone for their support over the years.


No date on that post, I do hope things go well for him. BHODemon is one of the smaller/easier tools I know of to identify browser helper objects.

Anyway, details on that next time…. here is a summary of some of the virus findings.

From AVG….

SecThought

The exact description is not available.

A Trojan Horse is a malicious application, which cannot spread itself. Original Trojan Horses were programs which acted as a useful utility. Although, in fact, their start used to cause damage to disc content (or part of it).

At the present time the most spreading Trojan Horses are BackDoor Trojans. They enable remote access to infected computers and PSW (Password Stealers) – they are trying to gather as much private information from the infected computer as possible and to send the info through the Internet.

To remove the Trojan Horse, it is enough to delete the detected file.

=================

BackDoor.Ruledor

The exact description is not available.

Backdoor Trojan horses usually install themselves after the Trojan horse file is run. They also allow remote access to the infected computer when connected to the internet.

In their least dangerous form they can cause the infected computer to download or upload specific files or run certain programs. More dangerous Trojan horses will allow the perpetrator full control of the infected computer.

=================

BackDoor.Small

The exact description is not available.

Backdoor Trojan horses usually install themselves after the Trojan horse file is run. They also allow remote access to the infected computer when connected to the internet.

In their least dangerous form they can cause the infected computer to download or upload specific files or run certain programs. More dangerous Trojan horses will allow the perpetrator full control of the infected computer.

=================

From Symantec…
File names: Jawa32.exe

When Spyware.Seekseek runs, it does the following:

1. Adds the registry keys:
* HKEY_CLASSES_ROOT\AdRotator.Application
* HKEY_CLASSES_ROOT\CLSID\{3E7145B1-EA07-42CE-9299-11DF39FF54BD}

2. Monitors visited Web sites and might redirect search queries to other sites.

Well, not much detail on those. AVG doesn’t get quite the detail that Symantec does in their encyclopedia, but it seems to effectively clean things out. Not going to waste time looking for other name information from other AV vendors.
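An added example, not part of the original post or of any tool it mentions: a small Python check that reads the text of a `reg export` file, reports whether the two Spyware.Seekseek keys from the Symantec write-up are present, and lists each registered browser helper object with the DLL its CLSID points to. The BHO location used is the standard Windows one and is not taken from the post; the sample export, its placeholder CLSIDs and the DLL path are constructed.

```python
import re

# The two keys named in the Symantec write-up quoted above.
SEEKSEEK_KEYS = [
    r"HKEY_CLASSES_ROOT\AdRotator.Application",
    r"HKEY_CLASSES_ROOT\CLSID\{3E7145B1-EA07-42CE-9299-11DF39FF54BD}",
]
BHO_ROOT = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows"
            r"\CurrentVersion\Explorer\Browser Helper Objects")
VALUE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')

def parse_reg_export(text):
    """Map upper-cased key path -> {value name: string data} (REG_SZ only)."""
    keys, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].upper(), {})
        elif current is not None and (m := VALUE.match(line)):
            name = "" if m.group(1) == "@" else m.group(1)[1:-1]
            current[name] = re.sub(r"\\(.)", r"\1", m.group(2))  # undo .reg escaping
    return keys

def seekseek_hits(keys):
    """Listed keys present in the export, either directly or via a subkey."""
    return [k for k in SEEKSEEK_KEYS if any(
        p == k.upper() or p.startswith(k.upper() + "\\") for p in keys)]

def list_bhos(keys):
    """(CLSID, InprocServer32 default value or None) for each registered BHO."""
    prefix, found = BHO_ROOT.upper() + "\\", []
    for path in keys:
        clsid = path[len(prefix):]
        if path.startswith(prefix) and clsid and "\\" not in clsid:
            server = keys.get("HKEY_CLASSES_ROOT\\CLSID\\" + clsid + "\\INPROCSERVER32", {})
            found.append((clsid, server.get("")))
    return found

# Constructed sample in `reg export` format; placeholder CLSIDs and DLL path are made up.
SAMPLE = r"""Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\AdRotator.Application]
[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-0000000000AA}\InprocServer32]
@="C:\\Program Files\\Example\\toolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-0000000000AA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-0000000000BB}]
"""

if __name__ == "__main__":
    parsed = parse_reg_export(SAMPLE)
    print(seekseek_hits(parsed), list_bhos(parsed))
```

A real `reg export` file is UTF-16, so read it with `encoding="utf-16"` before passing the text in. A BHO that resolves to `None` has no class registration in the export and is worth a closer look.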
