You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
BookedSpace.Remanent is dangerous virus:
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
BookedSpace.Remanent Symptoms:
Files:
[%SYSTEM%]\bs2.dll
[%SYSTEM%]\bs3.dll
[%SYSTEM%]\rem00001.dll
[%WINDOWS%]\bs2.dll
[%WINDOWS%]\bs3.dll
[%WINDOWS%]\bsx5.dll
[%WINDOWS%]\system\bs2.dll
[%WINDOWS%]\system\bs3.dll
[%WINDOWS%]\system\rem00001.dll
[%SYSTEM%]\bs2.dll
[%SYSTEM%]\bs3.dll
[%SYSTEM%]\rem00001.dll
[%WINDOWS%]\bs2.dll
[%WINDOWS%]\bs3.dll
[%WINDOWS%]\bsx5.dll
[%WINDOWS%]\system\bs2.dll
[%WINDOWS%]\system\bs3.dll
[%WINDOWS%]\system\rem00001.dll
Registry Keys:
HKEY_CLASSES_ROOT\clsid\{2b3452c5-1b9a-440f-a203-f6ed0f64c895}
HKEY_CLASSES_ROOT\clsid\{392be62b-e7de-430a-8859-0afe677de6e1}
HKEY_CLASSES_ROOT\clsid\{a85c4a1b-bd36-44e5-a70f-8ec347d9b24f}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{2b3452c5-1b9a-440f-a203-f6ed0f64c895}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{392be62b-e7de-430a-8859-0afe677de6e1}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{a85c4a1b-bd36-44e5-a70f-8ec347d9b24f}
HKEY_LOCAL_MACHINE\software\classes\clsid\{2b3452c5-1b9a-440f-a203-f6ed0f64c895}
HKEY_LOCAL_MACHINE\software\classes\clsid\{392be62b-e7de-430a-8859-0afe677de6e1}
HKEY_LOCAL_MACHINE\software\classes\clsid\{a85c4a1b-bd36-44e5-a70f-8ec347d9b24f}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2b3452c5-1b9a-440f-a203-f6ed0f64c895}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{392be62b-e7de-430a-8859-0afe677de6e1}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{a85c4a1b-bd36-44e5-a70f-8ec347d9b24f}
HKEY_LOCAL_MACHINE\software\remanent
Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.
Also Be Aware of the Following Threats:
Remove Zetronic RAT
Bancos.FXG Trojan Symptoms
JamesBob Downloader Cleaner
System Alert Popu Trojan Information
No comments:
Post a Comment