Sunday, November 9, 2008

BraveSentry Trojan

Removing BraveSentry
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

BraveSentry is also known as:

[Kaspersky] Downloader.Win32.Agent.x;
[McAfee] BraveSentry;
[F-Prot] W32/Downldr2.ATPC;
[Panda] Spyware/WinSpyKiller;
[Other] Program:Win32/SpySheriff, WinSpyKiller

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\MalwareAlarm\MalwareAlarm0.ma
[%PROGRAM_FILES%]\PestCapture\PestCapture0.dll
[%PROGRAM_FILES%]\PestCapture\PestCapture1.dll
[%PROGRAM_FILES%]\PestCapture\PestCapture2.dll
[%PROGRAM_FILES%]\PestCapture\PestCapture3.dll
[%PROGRAM_FILES%]\PestTrap\heur000.dll
[%PROGRAM_FILES%]\PestTrap\heur001.dll
[%PROGRAM_FILES%]\PestTrap\heur003.dll
[%WINDOWS%]\desktop.html
[%DESKTOP%]\bravesentry.lnk
[%DESKTOP%]\WinSpyKiller.lnk

How to detect BraveSentry:

Files:
[%PROGRAM_FILES%]\MalwareAlarm\MalwareAlarm0.ma
[%PROGRAM_FILES%]\PestCapture\PestCapture0.dll
[%PROGRAM_FILES%]\PestCapture\PestCapture1.dll
[%PROGRAM_FILES%]\PestCapture\PestCapture2.dll
[%PROGRAM_FILES%]\PestCapture\PestCapture3.dll
[%PROGRAM_FILES%]\PestTrap\heur000.dll
[%PROGRAM_FILES%]\PestTrap\heur001.dll
[%PROGRAM_FILES%]\PestTrap\heur003.dll
[%WINDOWS%]\desktop.html
[%DESKTOP%]\bravesentry.lnk
[%DESKTOP%]\WinSpyKiller.lnk

Folders:
[%PROGRAMS%]\Brave-Sentry
[%PROGRAM_FILES%]\bravesentry
[%PROGRAMS%]\bravesentry
[%PROGRAMS%]\WinSpyKiller
[%PROGRAM_FILES%]\WinSpyKiller

Registry Keys:
HKEY_CURRENT_USER\software\brave-sentry\scan
HKEY_CURRENT_USER\software\brave-sentry\updates
HKEY_CURRENT_USER\Software\BraveSentry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Brave-Sentry
HKEY_CURRENT_USER\software\bravesentry
HKEY_CURRENT_USER\software\winspykiller
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\brave-sentry
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bravesentry
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\winspykiller

Registry Values:
HKEY_CURRENT_USER\software\brave-sentry
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\shellnoroam\muicache

Removing BraveSentry:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
