Adware.BHO
MEDIUM
MEDIUM
~64K
(Adware.Win32.BHO.cd, Backdoor-AWQ.b, ADSPY/Thunder)
Symptoms
XunLeiBHO_001.dll present in system folder.
Removal instructions:
Please let BitDefender disinfect your files.
Analyzed By
Theodor-Iulian Ciobanu, virus researcher
Technical Description:
This library is dropped in the system folder as "XunLeiBHO_001.dll" by an executable which then registers the dll and deletes itself. Despite the misleading file name, the dll is not part of the Thunder Download Manager, but usually comes bundled with piracy tools (patchers and key generators), that install it without any notice.
Upon loading, it submits information about the system it is running on to various addresses, depending on version.
SHARE
THIS ON