This one, in turn, downloads rogue
antiviruses like VirusHeat or AntivirusXP versions.
In order to remove the BHO please follow
the steps below:
- Start Autoruns
- Browse to the Internet Explorer tab
Look for entries like “Xena
toolbarModule” which leads to Dynamic-link Libraries named: dadef.dll, idef.dll, ipol.dll,
conio.dll, dapol.dll, nada64.dll, opus64.dll, codef.dll, copol.dll etc located
- Close all instances of
- Delete the entries from
Autoruns (write them down for the next step)
- Delete the files from the
hard disk (if you can’t do this, go back to step 2)
this article is available courtesy of BitDefender Virus Researchers: Daniel
Chipiristeanu and Laura Boeriu
Additional notes: this guide is intended
for any type of user as long as they follow the exact steps described above.
Any damage done to your system as a result of following this guide is your
responsibility. hotforsecurity.com cannot guarantee a successful removal for any
threat version described above.