In this post, I am going to tell you about the symptoms of Bodontae spyware appearance, and also the way to get rid of Bodontae spyware virus from your PC.
Describing Bodontae spyware
Bodontae TrojanSpy as the virus is not a solitary app, but a component of considerably more expansive as well as complex malware – trojan-stealer. It’s a sort of trojan, which is targeted on your personal data, and also gathers really whatever relating to you as well as your PC. Ordinarily, stealers have keylogger functions1, which allow them to record your keystrokes. In addition to that, Bodontae virus can collect your cookie files, your phone number, location; it likewise can thieve all your passwords from the keychain within the web browser.
| Name | Bodontae |
| Infection Type | Spyware |
| Symptoms |
|
| Similar behavior | AgentKlog, Tiggre, Flunuceo |
| Fix Tool |
See If Your System Has Been Affected by Bodontae spyware |
However, the large share of Bodontae spy are hunting for your banking data: credit card number, safety codes and expiration date. For instance, if you utilize online banking, the Bodontae stealer virus is able to compromise your login and password, so the thugs will certainly get access to your account. Many different business data might also be an item of interest of Bodontae virus distributors, and an instance of large firms such information leak may lead to catastrophic effects.
The major distribution manners of Bodontae spyware are identical to other trojans. Nowadays, most of such applications are spread through email additions. These additions (. docx,. pdf documents) include infected macroses, which are utilized by Bodontae spy to invade your personal computer. Sometimes, these letters have links to the phishing copies of official sites, like Facebook, Twitter, LinkedIn or so.
Most popular spyware in 20202
It is essential to state that there is an autonomous type of spyware – for Android operating system. Such applications have the same functions as the PC edition does, however, mobile malware is spread as a legit program for checking the spouse’s or children’s geographic location. Nonetheless, besides taking various personal information, it can also reveal you a totally wrong place of the phone you are trying to track. Such scenarios may trigger complaints out of the blue.
How can I understand that my computer is infected with Bodontae spyware?
Bodontae spy is an incredibly stealth malware, because its productiveness depends upon how much time it can run prior to being detected. So, Bodontae spyware developers made everything to make their application existence as insensible as feasible. Of course, you will notice that your profiles in social networks are taken, as well as funds from your bank account is flowing away, but it is far too late.
Bodontae also known as
| Bkav | W32.AIDetect.malware1 |
| K7AntiVirus | Trojan ( 005642691 ) |
| DrWeb | Trojan.MulDrop8.30248 |
| Cynet | Malicious (score: 100) |
| ALYac | Trojan.GenericKD.31087616 |
| K7GW | Trojan ( 005642691 ) |
| Cybereason | malicious.7b820f |
| ESET-NOD32 | a variant of Win32/Autoit.DI |
| APEX | Malicious |
| Avast | FileRepMalware [PUP] |
| Kaspersky | Trojan-Ransom.Win32.Blocker.lcin |
| BitDefender | Trojan.GenericKD.31087616 |
| NANO-Antivirus | Trojan.Win32.Blocker.ffprsh |
| MicroWorld-eScan | Trojan.GenericKD.31087616 |
| Tencent | Win32.Trojan.Blocker.Wtdx |
| Ad-Aware | Trojan.GenericKD.31087616 |
| Sophos | Generic ML PUA (PUA) |
| McAfee-GW-Edition | BehavesLike.Win32.TrojanAitInject.tc |
| FireEye | Generic.mg.6be151c7b820fc73 |
| Emsisoft | Trojan.GenericKD.31087616 (B) |
| eGambit | Unsafe.AI_Score_84% |
| Microsoft | TrojanSpy:AutoIt/Bodontae.A |
| Arcabit | Trojan.Generic.D1DA5C00 |
| AegisLab | Trojan.Win32.Generic.4!e |
| GData | Trojan.GenericKD.31087616 |
| McAfee | Artemis!6BE151C7B820 |
| MAX | malware (ai score=89) |
| Malwarebytes | MachineLearning/Anomalous.100% |
| Ikarus | Trojan-Spy.AutoIt.Bodontae |
| MaxSecure | Trojan.Malware.300983.susgen |
| Fortinet | W32/Blocker.LCIN!tr |
| AVG | FileRepMalware [PUP] |
| Paloalto | generic.ml |
Domains that associated with Bodontae:
Domains that associated with Bodontae:
| 0 | gendoubre.ddns.net |
| 1 | gendoubre.1s.fr |
| 2 | edgedl.me.gvt1.com |
What are the symptoms of Bodontae trojan?
- Executable code extraction;
- Attempts to connect to a dead IP:Port (2 unique times);
- Creates RWX memory;
- Performs some HTTP requests;
- The binary likely contains encrypted or compressed data.;
- Uses Windows utilities for basic functionality;
- Installs itself for autorun at Windows startup;
- Creates a hidden or system file;
- Attempts to modify or disable Security Center warnings;
- Anomalous binary characteristics;
- Attempts to modify Explorer settings to prevent file extensions from being displayed;
- Attempts to modify Explorer settings to prevent hidden files from being displayed;
- Uses suspicious command line tools or Windows utilities;
To avoid infiltration of Bodontae spyware, stay away from launching any type of attachments to the e-mails from uncertain addresses. These days, during quarantine, email-distributed malware gets way more active. Users (specifically ones that started ordering every little thing on online-marketplaces) do not take note to the weird email addresses, and open whatever that reaches their email. And Bodontae stealer is directly in it.
How to remove Bodontae spyware?
- Download and install GridinSoft Anti-Malware.
- Open GridinSoft Anti-Malware and perform a “Standard scan“.
- “Move to quarantine” all items.
- Open “Tools” tab – Press “Reset Browser Settings“.
- Select proper browser and options – Click “Reset”.
- Restart your computer.
You can try to do it by hand, nonetheless, like any other trojan, Bodontae TrojanSpy puts into effect the modifications extremely deep within the system. For this reason, it’s extremely tough to spot all these changes, and even more challenging to clean up them out. To deal with this unsafe malware totally, I can suggest you to utilize GridinSoft Anti-Malware.
Scanning
To detect and delete all unwanted applications on your PC with GridinSoft Anti-Malware, it’s better to utilize Standard or Full scan. Quick Scan is not able to find all malicious programs, because it checks only the most popular registry entries and folders.
You can see the detected malicious items sorted by their possible hazard simultaneously with the scan process. But to perform any actions against malware, you need to wait until the scan is finished, or to stop the scan.
To set the action for each detected malicious or unwanted program, click the arrow in front of the name of detected malicious app. By default, all the viruses will be moved to quarantine.
How to remove Bodontae Spyware?
Name: Bodontae
Description: Bodontae TrojanSpy is classified as a type of malware — malicious software designed to gain access to or damage your computer, often without your knowledge. The Bodontae gathers your personal information and relays it to advertisers, data firms, or external users. The Bodontae can install additional software and change the security settings on your PC.
Operating System: Windows
Application Category: Spyware
User Review
( votes)- What is Spyware: https://en.wikipedia.org/wiki/Spyware
- ESET quaterly report: ESET_Threat_Report_Q22020.pdf
