Not what you were looking for? Ask our experts!
Reply
Contributor
SlowGuy
Posts: 31
Registered: ‎06-09-2010

Trojan.BHO

Just found this using Malwarebytes, but can not find any info on line that expains what this Trojan.BHO does and what harm may have been done before it was removed.  Any info on this infection would be appreciated.  Thank you!

floplot
Posts: 10,383
Topics: 210
Kudos: 2,024
Solutions: 361
Registered: ‎04-11-2009

Re: Trojan.BHO

Hello SlowGuy

 

Perhaps malwarebytes forum has a listing of malware that it can find and the damage that can be caused by it. Since you have had 2 recent trojan experiences, you could try a scan with the free version of SUPERAntiSpyware and see if that comes up with..

 

Here is a free on demand antimalware scanner. It is safe to use on demand with your Norton product.


http://www.superantispyware.com/

Here is another site you can use to get the program.

http://www.filehippo.com/download_superantispyware/

The download button is on the right hand side. Please be careful not to download Spyware Doctor which is on the left side. Also, please don't forget to update the program each time before use of it. In fact you can update it every day just in case some malware may prevent you from updating it.

 

Please also provide us with a scan with HiJackThis to see if there is something that may be causing you to get these trojans.

 

Please download HiJackThis from http://free.antivirus.com/hijackthis/ Choose the executable and save it on your desktop. Run the file and select the first option on the main menu "Do a system scan and save a log file". When this is finished, Notepad will open with the log file in it. Save the log file and attach it to a post here via the Add Attachments Please don't attempt to fix anything that it shows until someone checks out the log. Thanks.

 

Please come back with this information and then perhaps we can find why you are getting all these infections. Thanks.

Success always occurs in private and failure in full view.




Super Spam Squasher
cgoldman
Posts: 2,929
Registered: ‎06-25-2008

Re: Trojan.BHO

BHO usually means a Browser Helper Object.

Contributor
SlowGuy
Posts: 31
Registered: ‎06-09-2010

Re: Trojan.BHO

Hello floplot,

 

I ran the hijackthis scan and here is the log.  Please let me know what you find.  Please also be aware that yesterday after running the malewarebytes and superantispyware scans I had them clean the computer of all of the identified infections.  I hope the scan will still provide some useful information.

 

Thank you!

Contributor
SlowGuy
Posts: 31
Registered: ‎06-09-2010

Re: Trojan.BHO

Thank you, cgoldman...

 

I don't know what a Browser Helper Object does, but I appreciae the information. 

 

The little info I could find on this Trojan online indicates that it is a Keylogger of some sort and that it has something to do with Internet Explorer... but I don't know if this is accurate or what (if any) personal information may have been logged.

Super Virus Trouncer
bjm_
Posts: 2,192
Registered: ‎09-07-2008

Re: Trojan.BHO

[ Edited ]

Hi SlowGuy

Browser Helper Object

Q: In addition to Norton Security Suite are you running SAS as Real Time ....as per hijackthis log it appears you are ?

Super Spam Squasher
cgoldman
Posts: 2,929
Registered: ‎06-25-2008

Re: Trojan.BHO


SlowGuy wrote:

Thank you, cgoldman...

 

I don't know what a Browser Helper Object does, but I appreciae the information. 

 

The little info I could find on this Trojan online indicates that it is a Keylogger of some sort and that it has something to do with Internet Explorer... but I don't know if this is accurate or what (if any) personal information may have been logged.


From Wikepedia

A Browser Helper Object (BHO) is a DLL module designed as a plugin for Microsoft's Internet Explorer web browser to provide added functionality. BHOs were introduced in October 1997 with the release of version 4 of Internet Explorer. Most BHOs are loaded once by each new instance of Internet Explorer. However, in the case of the Windows Explorer, a new instance is launched for each window.

 

 

Bot Obliterator
Quads
Posts: 16,451
Registered: ‎07-21-2008

Re: Trojan.BHO

[ Edited ]

 


bjm_ wrote:

Hi SlowGuy

Browser Helper Object

Q: In addition to Norton Security Suite are you running SAS as Real Time ....as per hijackthis log it appears you are ?


 

Possibly not The Free Version after install shows like that even when the realtime scanner disabled, Until you change the settings.

 

But that has been stated about in this forum before. Hijackthis does not show the difference between the Free and Pro version with the as both can have options selected for startup which means that they look the same in hijackthis. Has nothing to do with the Realtime Scanner. 

 

Quads

 

 

floplot
Posts: 10,383
Topics: 210
Kudos: 2,024
Solutions: 361
Registered: ‎04-11-2009

Re: Trojan.BHO

Hello

 


O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID={...}


Out of curiousity, is this anything bad? I'm not an expert with HiJackThis logs.

Success always occurs in private and failure in full view.




Bot Obliterator
Quads
Posts: 16,451
Registered: ‎07-21-2008

Re: Trojan.BHO

[ Edited ]

 


floplot wrote:

Hello

 


O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID={...}


Out of curiousity, is this anything bad? I'm not an expert with HiJackThis logs.


 

 

I'm not going to state if there are any bad entries in the Hijackthis log or not! But then again I didn't ask for a log.

 

 

Quads