Jump to content

Win32/BHO.OHQ


Recommended Posts

Good afternoon,

 

After lunch, when I went to my e-mail account, I could not long in and had a pop-up warning about some licence wizard and passwords. The links that appeared were very suspicious. It happend with I.E and Mozilla (latest versions of both).

I run my AV, Eset 8.0.304.1 and it detected a trojan virus: Win32/BHO.OHQ in this location:

C:\Users\Rodrigo\AppData\LocalLow\1880036.exe - uma variante de Win32/BHO.OHQ cavalo de Tróia - limpo por exclusão - em quarentena

 

After the sweep, the virus was put in quarantine and I deleted it. I also run hitman pro after and it did not detected anything.

I re-boot my PC and everything appears fine, I can now log in in my e-mail account.

I ask what I can do more to see if my system is secure, if there is any back door left by the virus and if I can go to my accounts safely. (paypal, ebay or online bank site; this last use a keylogger for the password, do not know if it is safe or more safe in terms of this, or any virus).

I do not know how it could get in, since I did not went to any suspicious or harmful website.

 

PS: should I run also a sweep in my flash and external HDD drives?

 

Thank you!

Edited by Rhodespintus
Link to comment
Share on other sites

  • Former ESET Employees

Hello Rhodespintus,

     I would just run an in depth scan with strict cleaning to ensure that your computer is clean.  Another option is to run the ESET Online Scanner from Safe Mode with networking as most infections will be inactive (the files are not in transit), making them easier to catch. 

 

     Also, a "netstat -a | more" will allow you to see all ports that are opened, allowing you to validate any erroneous open ports.

 

     As added precaution, I would definitely scan all removable media as some viruses are caused by an infected thumb drive or removable disk.

 

~MichaelA

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...