Disinfecting a PC… part 5



OK, we’re moving on to BHODemon to take care of the browser helper objects. Unfortunately, it looks like BHODemon is not currently being maintained; the developer has had a house fire.

I am very sorry, but BHODemon is currently on hiatus, as I no longer have the time to devote to it (due to a house fire). You will not be able to download updates or upload reports, and I will no longer be answering emails. At some point, BHODemon may return. I would like to thank everyone for their support over the years.


No date on that post; I do hope things go well for him. BHODemon is one of the smaller/easier tools I know of to identify browser helper objects.

Anyway, details on that next time… Here is a summary of some of the virus findings.

From AVG….

SecThought

The exact description is not available.

A Trojan Horse is a malicious application, which cannot spread itself. Original Trojan Horses were programs which acted as a useful utility. Although, in fact, their start used to cause damage to disc content (or part of it).

At the present time the most spreading Trojan Horses are BackDoor Trojans. They enable remote access to infected computers and PSW (Password Stealers) – they are trying to gather as much private information from the infected computer as possible and to send the info through the Internet.

To remove the Trojan Horse, it is enough to delete the detected file.

=================

BackDoor.Ruledor

The exact description is not available.

Backdoor Trojan horses usually install themselves after the Trojan horse file is run. They also allow remote access to the infected computer when connected to the internet.

In their least dangerous form they can cause the infected computer to download or upload specific files or run certain programs. More dangerous Trojan horses will allow the perpetrator full control of the infected computer.

=================

BackDoor.Small

The exact description is not available.

Backdoor Trojan horses usually install themselves after the Trojan horse file is run. They also allow remote access to the infected computer when connected to the internet.

In their least dangerous form they can cause the infected computer to download or upload specific files or run certain programs. More dangerous Trojan horses will allow the perpetrator full control of the infected computer.

=================

From Symantec…
File names: Jawa32.exe

When Spyware.Seekseek runs, it does the following:

1. Adds the registry keys:
* HKEY_CLASSES_ROOT\AdRotator.Application
* HKEY_CLASSES_ROOT\CLSID\{3E7145B1-EA07-42CE-9299-11DF39FF54BD}

2. Monitors visited Web sites and might redirect search queries to other sites.
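
A quick way to check a machine for the two keys listed above and to list the registered browser helper objects with the DLL each one loads. This is an added example, not part of the original post or of Symantec's write-up; the BHO registry locations and the variable names are assumptions of the example (standard Windows paths), and only the two key paths and the CLSID come from the text above.

```powershell
# Added example. The CLSID and the two key paths are the ones quoted above;
# everything else (BHO locations, variable names) is assumed by this example.
$seekseekClsid = '{3E7145B1-EA07-42CE-9299-11DF39FF54BD}'
$indicators = @(
    'HKEY_CLASSES_ROOT\AdRotator.Application',
    "HKEY_CLASSES_ROOT\CLSID\$seekseekClsid"
)

# 1. Are the keys that Spyware.Seekseek adds present?
$indicatorResults = foreach ($key in $indicators) {
    [pscustomobject]@{
        Key     = $key
        Present = Test-Path -LiteralPath "Registry::$key"
    }
}

# 2. List BHOs. Each BHO is a CLSID-named subkey; the COM registration for
#    that CLSID (InprocServer32 default value) names the DLL the browser loads.
$views = @(
    @{ View      = 'native'
       Bho       = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       ClsidRoot = 'HKEY_CLASSES_ROOT\CLSID' },
    @{ View      = '32-bit on 64-bit'
       Bho       = 'HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       ClsidRoot = 'HKEY_CLASSES_ROOT\WOW6432Node\CLSID' }
)

$bhos = foreach ($v in $views) {
    $root = "Registry::$($v.Bho)"
    if (-not (Test-Path -LiteralPath $root)) { continue }   # view absent on 32-bit Windows
    foreach ($sub in Get-ChildItem -LiteralPath $root) {
        $clsid  = $sub.PSChildName
        $server = "Registry::$($v.ClsidRoot)\$clsid\InprocServer32"
        $dll    = if (Test-Path -LiteralPath $server) { (Get-Item -LiteralPath $server).GetValue('') }
        [pscustomobject]@{
            View          = $v.View
            Clsid         = $clsid
            Dll           = $dll                          # empty = orphaned BHO entry
            MatchesListed = ($clsid -ieq $seekseekClsid)  # same CLSID as the key above
        }
    }
}

$indicatorResults | Format-Table -AutoSize
$bhos | Format-Table -AutoSize
```

On 64-bit Windows, run it from a 64-bit PowerShell session so the native and WOW6432Node views are not redirected onto each other.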

Well, not much detail on those. AVG doesn’t get quite the detail that Symantec does in their encyclopedia, but it seems to effectively clean things out. Not going to waste time looking for other name information from other AV vendors.
