Home / malware Adware.BHO
First posted on 21 November 2011.
Source: BitDefenderAliases :
Adware.BHO is also known as Adware.Win32.BHO.cd, Backdoor-AWQ.b, ADSPY/Thunder.
Explanation :
This library is dropped in the system folder as "XunLeiBHO_001.dll" by an executable which then registers the dll and deletes itself. Despite the misleading file name, the dll is not part of the Thunder Download Manager, but usually comes bundled with piracy tools (patchers and key generators), that install it without any notice.
Upon loading, it submits information about the system it is running on to various addresses, depending on version.Last update 21 November 2011
