My Bitdefender
  • 0 Shopping Cart

SHARE
THIS ON

Facebook Twitter Google Plus

Adware.BHO

MEDIUM
MEDIUM
~64K
(Adware.Win32.BHO.cd, Backdoor-AWQ.b, ADSPY/Thunder)

Symptoms

XunLeiBHO_001.dll present in system folder.

Removal instructions:

Please let BitDefender disinfect your files.

Analyzed By

Theodor-Iulian Ciobanu, virus researcher

Technical Description:

This library is dropped in the system folder as "XunLeiBHO_001.dll" by an executable which then registers the dll and deletes itself. Despite the misleading file name, the dll is not part of the Thunder Download Manager, but usually comes bundled with piracy tools (patchers and key generators), that install it without any notice.

Upon loading, it submits information about the system it is running on to various addresses, depending on version.