Bohmini.A
Bohmini.A is a configurable remote access tool or Trojan.

Bohmini.A exploits security flaws in Adobe Flash 9.0.115 with Internet Explorer 7.0 and Firefox 2.0 under Windows XP SP2. Adobe Flash 9.0.124 is not known to be vulnerable to Bohmini.A.
In July 2008, it was known that Bohmini.A spread as malvertising from 247mediadirect through an advertising network via the social networking site Facebook.

Bohmini.A is detected by at least one known anti-virus product: Microsoft Windows Live OneCare. However, as of August 12, 2008, Microsoft Windows Live OneCare does not remove Bohmini.A completely, although it claims to have detected and removed it.

To remove Bohmini.A under Windows XP, run an anti-virus product known to detect it, such as Windows Live OneCare, then go to Control Panel and select Switch to Classic View. Then select Scheduled Tasks and remove all tasks with the prefix At, such as At1, ..., At24.

The Bohmini.A installation is customizable, so each implementation varies.
For example, the executable names vary.
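
As an added example (not part of the original article): since the executable names vary, the At-prefixed scheduled tasks named in the removal step can be listed together with the command each one runs, so the executable behind each task can be reviewed before removal. This Python code reads the text output of `schtasks /query /fo csv /v`; the sample rows, host name and executable paths are constructed, and the column names are assumed to match that command's verbose CSV output.

```python
import csv
import io
import re

# Task names of the form At<N> (optionally with the leading backslash
# that newer Windows versions put in front of task names).
AT_NAME = re.compile(r"^\\?At(\d+)$", re.IGNORECASE)

# Constructed sample of `schtasks /query /fo csv /v` output, trimmed to
# three columns. Paths and host name are placeholders, not real indicators.
SAMPLE_CSV = r'''"HostName","TaskName","Task To Run"
"WS01","At1","C:\WINDOWS\system32\example1.exe"
"WS01","Atlas Backup","C:\Program Files\Atlas\backup.exe"
"WS01","\At24","C:\WINDOWS\Temp\example2.exe"
"WS01","At1","C:\WINDOWS\system32\example1.exe"
"HostName","TaskName","Task To Run"
"WS01","Defrag","C:\WINDOWS\system32\defrag.exe c:"
'''


def find_at_tasks(csv_text):
    """Return sorted (job_number, task_name, command) for tasks named At<N>.

    Duplicate rows and repeated header rows (both occur in schtasks
    output) are ignored; names that merely start with "At" do not match.
    """
    hits = set()
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = (row.get("TaskName") or "").strip()
        match = AT_NAME.match(name)
        if match:
            command = (row.get("Task To Run") or "").strip()
            hits.add((int(match.group(1)), name.lstrip("\\"), command))
    return sorted(hits)


if __name__ == "__main__":
    for number, name, command in find_at_tasks(SAMPLE_CSV):
        print(f"{name}: {command}")
```
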

Bohmini.A is configured to notify and update itself over HTTP.

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 