Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IVIIS and BHA - what kind of software/malware are they?


  • Please log in to reply
5 replies to this topic

#1 thomcats

thomcats

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:08:30 PM

Posted 03 March 2009 - 09:25 AM

Hello,

I have recently recovered my computer from a very bad infection and it took me two weeks to get it up and running again. Hence, I'm very weary when I encounter things in the PC, which I don't recognise.

I found that two software had been added to the register without my "help" so to speak - IVIIS and B.H.A. They don't seem to be official programs because I don't find them in any program folder or listed in the Control Panel program-list. I have since searched the net extensively for answers and recieved nothing that is comprehensible. As they seem to address related functions (there are references to "Count" in both of them) I thought I could include them both in this post. They do not appear in many places in the register and I have attached to this post, links to 5 images (IVIIS 4 and BHA 1) which will give you an idea of where they are to be found.

http://i5.photobucket.com/albums/y175/thomcats/bha1.jpg

http://i5.photobucket.com/albums/y175/thomcats/iviis1.jpg
http://i5.photobucket.com/albums/y175/thomcats/iviis2.jpg
http://i5.photobucket.com/albums/y175/thomcats/iviis3.jpg
http://i5.photobucket.com/albums/y175/thomcats/iviis4.jpg

What are they? Shall I get rid of them or are they safe to keep?

Thanks in advance for any help in the matter
thomcats
= = = = = = = = = = = =
Windows XP Pro SP3
Intel Pentium 4
3.06 GHz CPU
1,9 GB RAM
250 GB HD

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,939 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:30 PM

Posted 03 March 2009 - 12:29 PM

BHA software may be related to Sony Storage Products or CD, DVD and XVD solutions by B.H.A Corporation.

The third image for IVIIS shows 20471B27-D702-4FE8-8DEC-0702CC8C0A85. When doing a Google search on it, that string appears to be related to MsiExec.exe (Windows Installer)/InstallShield Installation info.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 thomcats

thomcats
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:08:30 PM

Posted 03 March 2009 - 01:24 PM

BHA software may be related to Sony Storage Products or CD, DVD and XVD solutions by B.H.A Corporation.

The third image for IVIIS shows 20471B27-D702-4FE8-8DEC-0702CC8C0A85. When doing a Google search on it, that string appears to be related to MsiExec.exe (Windows Installer)/InstallShield Installation info.


Ah! Thanks VERY much for quick reply. Posted Image

These references do ring bells. I have a Sony product installed and I also remember getting the Windows Install Shield together with another program - it wasn't a "standalone" installtion of this one. However, I have put so much back into the PC these last days, that I can't remember which one.

So it is safe to keep them then?


Cheers!
thomcats
= = = = = = = = = = = =
Windows XP Pro SP3
Intel Pentium 4
3.06 GHz CPU
1,9 GB RAM
250 GB HD

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,939 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:30 PM

Posted 03 March 2009 - 01:40 PM

Unless you have confirmed information that something in the registry is malware related, then leave it alone.

The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 thomcats

thomcats
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:08:30 PM

Posted 03 March 2009 - 01:57 PM

Unless you have confirmed information that something in the registry is malware related, then leave it alone.


Thank you, thank you! :thumbsup:

I feel a lot better for knowing what it is and I will for sure leave them alone.


Cheers!
thomcats
= = = = = = = = = = = =
Windows XP Pro SP3
Intel Pentium 4
3.06 GHz CPU
1,9 GB RAM
250 GB HD

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,939 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:30 PM

Posted 03 March 2009 - 02:15 PM

You're welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users