Disinfecting a PC… part 5



OK, we’re moving on to BHODemon to take care of the browser helper objects. Unfortunately, it looks like BHODemon is not currently being maintained; the developer has had a house fire.

I am very sorry, but BHODemon is currently on hiatus, as I no longer have the time to devote to it (due to a house fire). You will not be able to download updates or upload reports, and I will no longer be answering emails. At some point, BHODemon may return. I would like to thank everyone for their support over the years.


No date on that post; I do hope things go well for him. BHODemon is one of the smaller/easier tools I know of to identify browser helper objects.

Anyway, details on that next time… Here is a summary of some of the virus findings.

From AVG….

SecThought

The exact description is not available.

A Trojan Horse is a malicious application, which cannot spread itself. Original Trojan Horses were programs which acted as a useful utility. Although, in fact, their start used to cause damage to disc content (or part of it).

At the present time the most spreading Trojan Horses are BackDoor Trojans. They enable remote access to infected computers and PSW (Password Stealers) – they are trying to gather as much private information from the infected computer as possible and to send the info through the Internet.

To remove the Trojan Horse, it is enough to delete the detected file.

=================

BackDoor.Ruledor

The exact description is not available.

Backdoor Trojan horses usually install themselves after the Trojan horse file is run. They also allow remote access to the infected computer when connected to the internet.

In their least dangerous form they can cause the infected computer to download or upload specific files or run certain programs. More dangerous Trojan horses will allow the perpetrator full control of the infected computer.

=================

BackDoor.Small

The exact description is not available.

Backdoor Trojan horses usually install themselves after the Trojan horse file is run. They also allow remote access to the infected computer when connected to the internet.

In their least dangerous form they can cause the infected computer to download or upload specific files or run certain programs. More dangerous Trojan horses will allow the perpetrator full control of the infected computer.

=================

From Symantec…
File names: Jawa32.exe

When Spyware.Seekseek runs, it does the following:

1. Adds the registry keys:
* HKEY_CLASSES_ROOT\AdRotator.Application
* HKEY_CLASSES_ROOT\CLSID\{3E7145B1-EA07-42CE-9299-11DF39FF54BD}

2. Monitors visited Web sites and might redirect search queries to other sites.

Well, not much detail on those. AVG doesn’t go into quite the detail that Symantec does in their encyclopedia, but it seems to clean things out effectively. I’m not going to waste time looking for other name information from other AV vendors.
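
To confirm the cleanup by hand, here is an added example (not from the original post, AVG, or Symantec) that checks for the two registry keys listed above for Spyware.Seekseek and then lists the registered browser helper objects with the DLL each one loads. It assumes PowerShell 3.0 or later and the standard Windows BHO registration keys; the page does not say whether the Seekseek CLSID is registered as a BHO, so the last column only reports a match if one exists.

```powershell
# Added example: presence check for the Spyware.Seekseek keys quoted above,
# followed by an inventory of registered Browser Helper Objects (BHOs).
$seekseekClsid = '{3E7145B1-EA07-42CE-9299-11DF39FF54BD}'
$seekseekKeys  = @(
    'Registry::HKEY_CLASSES_ROOT\AdRotator.Application',
    "Registry::HKEY_CLASSES_ROOT\CLSID\$seekseekClsid"
)

foreach ($key in $seekseekKeys) {
    [pscustomobject]@{
        Key     = $key -replace '^Registry::', ''
        Present = Test-Path -LiteralPath $key
    }
}

# Standard BHO registration keys (assumption: not taken from the page).
# Each BHO list is paired with the CLSID tree of the same registry view.
$views = @(
    @{ Bho  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Clsid = 'Registry::HKEY_CLASSES_ROOT\CLSID' },
    @{ Bho  = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Clsid = 'Registry::HKEY_CLASSES_ROOT\WOW6432Node\CLSID' }
)

foreach ($view in $views) {
    if (-not (Test-Path -LiteralPath $view.Bho)) { continue }   # view absent on this OS
    foreach ($entry in Get-ChildItem -LiteralPath $view.Bho) {
        $clsid  = $entry.PSChildName
        $server = Join-Path $view.Clsid "$clsid\InprocServer32"
        $dll    = $null
        if (Test-Path -LiteralPath $server) {
            # The default (unnamed) value of InprocServer32 is the DLL path.
            $raw = (Get-Item -LiteralPath $server).GetValue('')
            if ($raw) { $dll = [Environment]::ExpandEnvironmentVariables($raw) }
        }
        [pscustomobject]@{
            Clsid           = $clsid
            Dll             = $dll
            DllOnDisk       = [bool]($dll -and (Test-Path -LiteralPath $dll))
            MatchesSeekseek = ($clsid -ieq $seekseekClsid)
        }
    }
}
```

A BHO entry whose `Dll` is empty or whose `DllOnDisk` is false is usually a leftover registration after the file was deleted, and is worth removing as well.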
