Summary
Summary
More Information
| Affected operating systems | Windows |
|---|---|
| Protection available since | 9 June 2006 09:36:22 (GMT) |
| Last updated | 17 November 2006 11:42:17 (GMT) |
| Detected by | Sophos Anti-Virus for Windows, version 7, and PureMessage for Microsoft Exchange. |
More Information
- Summary
- More Information
HenBang is a potentially unwanted application.
When the application is installed the following files are created:
<Program Files>\hbclient\HBHelper.dll
<Windows>\hb24065.log
<Windows>\helper.ini
<System>\distributer.txt
<System>\hber.ini
<System>\hbhsy.ini
The following registry entry is created to run code exported by HBHelper.dll on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
RichMedia
<System>\Rundll32.exe "<Program Files>\hbclient\HBHelper.dll",WaitWindows
The following registry entry is set:
HKLM\SOFTWARE\RichMedia
path
<Program Files>\hbclient\HBHelper.dll
Registry entries are created under:
HKLM\SOFTWARE\RichMedia\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hbhelper\
HKCR\HBHelper.HBObject\CurVer\
HKCR\HBHelper.HBObject\CLSID\
HKCR\HBHelper.HBObject\
HKCR\HBHelper.HBObject.1\CLSID\
HKCR\HBHelper.HBObject.1\
HKCR\HBHelper.HBActivex\CLSID\
HKCR\HBHelper.HBActivex\
HKCR\HBHelper.HBActivex.1\CLSID\
HKCR\HBHelper.HBActivex.1\
HenBang provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "Rich Media".
|
