Tuesday, December 9, 2008

VirusBlast Trojan

Removing VirusBlast
Categories: Trojan, Ransomware
This category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer
and demands a ransom for its restoration.

The term "ransomware" is commonly used to describe such software,
although the field known as cryptovirology predates the term.

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\Ad-Protect\Plugins\MessengerControl\MessengerControl.dll
[%PROGRAM_FILES%]\Ad-Protect\Plugins\StartupEditor\StartupEditor.dll
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusBlaster v5.0.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusBlasters v5.0.lnk
[%DESKTOP%]\VirusBlaster v5.0.lnk
[%DESKTOP%]\VirusBlasters v5.0.lnk
[%PROGRAM_FILES%]\VirusBlaster\BlastIEmonitor.dll
[%PROGRAM_FILES%]\VirusBlast\BlastIEmonitor.dll
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10142006-152408.log
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10202006-184815.log
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10202006-191014.log
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10202006-191508.log
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10202006-195201.log
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10242006-232620.log
[%PROGRAM_FILES%]\VirusBlast\msvcr71.dll
[%PROGRAM_FILES%]\VirusBlast\sdebug.log
[%PROGRAM_FILES%]\VirusBlast\VirusBlast.exe
[%STARTMENU%]\VirusBlast v5.0.lnk
[%STARTMENU%]\VirusBlaster v5.0.lnk
[%STARTMENU%]\VirusBlasters v5.0.lnk
[%DESKTOP%]\VirusBlast v5.0.lnk

How to detect VirusBlast:

Files:
[%PROGRAM_FILES%]\Ad-Protect\Plugins\MessengerControl\MessengerControl.dll
[%PROGRAM_FILES%]\Ad-Protect\Plugins\StartupEditor\StartupEditor.dll
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusBlaster v5.0.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusBlasters v5.0.lnk
[%DESKTOP%]\VirusBlaster v5.0.lnk
[%DESKTOP%]\VirusBlasters v5.0.lnk
[%PROGRAM_FILES%]\VirusBlaster\BlastIEmonitor.dll
[%PROGRAM_FILES%]\VirusBlast\BlastIEmonitor.dll
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10142006-152408.log
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10202006-184815.log
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10202006-191014.log
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10202006-191508.log
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10202006-195201.log
[%PROGRAM_FILES%]\VirusBlast\Logs\vblast_activity-10242006-232620.log
[%PROGRAM_FILES%]\VirusBlast\msvcr71.dll
[%PROGRAM_FILES%]\VirusBlast\sdebug.log
[%PROGRAM_FILES%]\VirusBlast\VirusBlast.exe
[%STARTMENU%]\VirusBlast v5.0.lnk
[%STARTMENU%]\VirusBlaster v5.0.lnk
[%STARTMENU%]\VirusBlasters v5.0.lnk
[%DESKTOP%]\VirusBlast v5.0.lnk

Folders:
[%PROGRAM_FILES%]\VirusBlast
[%PROGRAMS%]\VirusBlaster
[%PROGRAMS%]\VirusBlasters
[%PROGRAM_FILES%]\VirusBlaster
[%PROGRAM_FILES%]\VirusBlasters
[%PROGRAMS%]\VirusBlast

Registry Keys:
HKEY_CLASSES_ROOT\AppID\{490E7D57-1FC1-4ea6-BD52-483B7271B223}
HKEY_CLASSES_ROOT\AppID\{9DA1990B-9BCA-4c80-AEFB-11A40FA849F9}
HKEY_CLASSES_ROOT\CLSID\{0D0FAB5C-2BE4-4126-A28E-828FEBCE1E55}
HKEY_CLASSES_ROOT\CLSID\{1F6FE2C2-6040-4645-9053-7F689AFFE176}
HKEY_CLASSES_ROOT\CLSID\{9DA04BBD-71BB-020C-436E-42FECBB98F05}
HKEY_CLASSES_ROOT\CLSID\{E6B4AB50-F423-4EE6-9839-B35DCFCDFA49}
HKEY_CLASSES_ROOT\Interface\{1131081D-81ED-46F0-8B03-B728AEAFFD12}
HKEY_CLASSES_ROOT\Interface\{214345B8-BB69-498D-A168-29F58F15D806}
HKEY_CLASSES_ROOT\Interface\{E6B4AB50-F423-4EE6-9839-B35DCFCDFA49}
HKEY_CLASSES_ROOT\TypeLib\{283ED043-D403-4808-BF28-FCDE29DCF1FB}
HKEY_CLASSES_ROOT\TypeLib\{80ED1EB2-55FB-4434-BD41-E1645A370158}
HKEY_CLASSES_ROOT\AppID\ad-protect.EXE
HKEY_CLASSES_ROOT\AppID\IEControl.DLL
HKEY_CLASSES_ROOT\CLSID\{3E5E5F84-A73E-0D84-0398-B7E18E4B2B84}
HKEY_CLASSES_ROOT\IEControl.IEExtension
HKEY_CLASSES_ROOT\IEControl.IEExtension.1
HKEY_CLASSES_ROOT\VB.Server
HKEY_CLASSES_ROOT\VB.Server.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\VirusBlasters.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F6FE2C2-6040-4645-9053-7F689AFFE176}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusBlaster
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusBlasters
HKEY_LOCAL_MACHINE\SOFTWARE\VirusBlaster
HKEY_LOCAL_MACHINE\SOFTWARE\VirusBlasters
HKEY_CLASSES_ROOT\appid\{490e7d57-1fc1-4ea6-bd52-483b7271b223}
HKEY_CLASSES_ROOT\clsid\{0d0fab5c-2be4-4126-a28e-828febce1e55}
HKEY_CLASSES_ROOT\clsid\{1f6fe2c2-6040-4645-9053-7f689affe176}
HKEY_CLASSES_ROOT\clsid\{9da04bbd-71bb-020c-436e-42fecbb98f05}
HKEY_CLASSES_ROOT\clsid\{e6b4ab50-f423-4ee6-9839-b35dcfcdfa49}
HKEY_CLASSES_ROOT\interface\{1131081d-81ed-46f0-8b03-b728aeaffd12}
HKEY_CLASSES_ROOT\interface\{e6b4ab50-f423-4ee6-9839-b35dcfcdfa49}
HKEY_CLASSES_ROOT\typelib\{80ed1eb2-55fb-4434-bd41-e1645a370158}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\virusblast.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\virusblast
HKEY_LOCAL_MACHINE\software\virusblast

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing VirusBlast:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
