10 entries found.
TrojanDropper:Win32/Bohu.A
TrojanDropper:Win32/Bohu.A is a trojan that drops Trojan:Win32/Bohu.A!Installer - a trojan that filters an affected computer's network traffic in order to stop malware-related data from being sent to information-gathering networks that belong to particular AV companies in China.
It has been distributed masquerading as a high definition video player.
Alert level:
severe
Trojan:Win32/Bohu.A!Installer
Trojan:Win32/Bohu.A!Installer writes random data into the end of its dropped files to avoid detection based on their hashes.
It installs an NDIS intermediate miniport driver and Windows Sockets service provider interface (SPI) to filter network access. It does this to prevent client programs from uploading data to a remote server.
Alert level:
severe
Trojan:Win32/Bohu.A
Trojan:Win32/Bohu.A is a trojan that redirects web browsers to a specified website.
Alert level:
severe
VirTool:WinNT/Bohu.A
VirTool:WinNT/Bohu.A is a malicious kernel-mode driver and rootkit that is installed by TrojanDropper:Win32/Bohu.B. It is used to monitor registry keys pertaining to the malware and to prevent security processes from executing.
Alert level:
severe
Trojan:Win32/Drowser.A
Trojan:Win32/Drowser.A is a trojan that may arrive bundled with other malware. It attempts to run certain files.
Alert level:
severe
Trojan:WinNT/Goriadu.gen!A
Trojan:WinNT/Goriadu.gen!A is an NDIS intermediate miniport driver that blocks traffic intended for malware intelligence-gathering networks that belong to particular AV organizations in China.
Alert level:
severe