BHO.214

Aliases:	TR/Dldr.BHO.AD.1 (AntiVir)
Date added:	2007-11-03

Details

Malicious BHO with a CLSID of {FDED1C12-AD76-613C-344C-A3BD5C6415B2}

Uses a filename with the following characteristics

One letter, then _ and 4 numbers. 152kb UPX packed
Known examples
C:\PROGRA~1\COMMON~1\System\t_2141.dll
C:\PROGRA~1\COMMON~1\System\w_3789.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDED1C12-AD76-613C-344C-A3BD5C6415B2}

Removal

Use TrojanHunter to remove this trojan