Removing VirusBursters
Categories: Ransomware
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.
The term ransomware is commonly used to describe such software,
although the field known as cryptovirology predates the term "ransomware".
This type of ransom attack can be accomplished by (for example) attaching
a specially crafted file/program to an e-mail message and sending this to the victim.
If the victim opens/executes the attachment, the program encrypts
a number of files on the victim's computer. A ransom note is then left behind for the victim.
The victim will be unable to open the encrypted files without the correct decryption key.
Once the ransom demanded in the ransom note is paid, the cracker may (or may not)
send the decryption key, enabling decryption of the "kidnapped" files.
Visible Symptoms: Files in system folders:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\Virus-Bursters 6.2.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\Virus-Bursters 6.3.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusBursters 6.2.lnk
[%DESKTOP%]\Virus-Bursters.lnk
[%DESKTOP%]\VirusBursters.lnk
[%PROFILE%]\cmd.exe
[%PROFILE%]\start
[%PROGRAMS%]\VirusBursters\Uninstall VirusBursters 6.2.lnk
[%PROGRAMS%]\VirusBursters\VirusBursters 6.2 Website.lnk
[%PROGRAMS%]\VirusBursters\VirusBursters 6.2.lnk
[%STARTMENU%]\Virus-Bursters 6.2.lnk
[%STARTMENU%]\Virus-Bursters 6.3.lnk
[%STARTMENU%]\VirusBursters 6.2.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\Virus-Bursters 6.2.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\Virus-Bursters 6.3.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusBursters 6.2.lnk
[%DESKTOP%]\Virus-Bursters.lnk
[%DESKTOP%]\VirusBursters.lnk
[%PROFILE%]\cmd.exe
[%PROFILE%]\start
[%PROGRAMS%]\VirusBursters\Uninstall VirusBursters 6.2.lnk
[%PROGRAMS%]\VirusBursters\VirusBursters 6.2 Website.lnk
[%PROGRAMS%]\VirusBursters\VirusBursters 6.2.lnk
[%STARTMENU%]\Virus-Bursters 6.2.lnk
[%STARTMENU%]\Virus-Bursters 6.3.lnk
[%STARTMENU%]\VirusBursters 6.2.lnk
How to detect VirusBursters:
Files:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\Virus-Bursters 6.2.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\Virus-Bursters 6.3.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusBursters 6.2.lnk
[%DESKTOP%]\Virus-Bursters.lnk
[%DESKTOP%]\VirusBursters.lnk
[%PROFILE%]\cmd.exe
[%PROFILE%]\start
[%PROGRAMS%]\VirusBursters\Uninstall VirusBursters 6.2.lnk
[%PROGRAMS%]\VirusBursters\VirusBursters 6.2 Website.lnk
[%PROGRAMS%]\VirusBursters\VirusBursters 6.2.lnk
[%STARTMENU%]\Virus-Bursters 6.2.lnk
[%STARTMENU%]\Virus-Bursters 6.3.lnk
[%STARTMENU%]\VirusBursters 6.2.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\Virus-Bursters 6.2.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\Virus-Bursters 6.3.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusBursters 6.2.lnk
[%DESKTOP%]\Virus-Bursters.lnk
[%DESKTOP%]\VirusBursters.lnk
[%PROFILE%]\cmd.exe
[%PROFILE%]\start
[%PROGRAMS%]\VirusBursters\Uninstall VirusBursters 6.2.lnk
[%PROGRAMS%]\VirusBursters\VirusBursters 6.2 Website.lnk
[%PROGRAMS%]\VirusBursters\VirusBursters 6.2.lnk
[%STARTMENU%]\Virus-Bursters 6.2.lnk
[%STARTMENU%]\Virus-Bursters 6.3.lnk
[%STARTMENU%]\VirusBursters 6.2.lnk
Folders:
[%PROGRAMS%]\Virus-Bursters
[%PROGRAMS%]\VirusBursters
[%PROGRAM_FILES%]\Virus-Bursters
[%PROGRAM_FILES%]\VirusBursters
Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}
HKEY_CLASSES_ROOT\Interface\{02313722-BB43-4C84-80A2-7CEDFC3F8560}
HKEY_CLASSES_ROOT\Interface\{0249BEB1-A2AA-45A3-9EC5-95D9C4A40A62}
HKEY_CLASSES_ROOT\Interface\{0354A901-C606-4DCC-8EA3-4F3383ECE67C}
HKEY_CLASSES_ROOT\Interface\{082DA6AF-F994-4C6C-A2B0-DFC3B3FF540A}
HKEY_CLASSES_ROOT\Interface\{0A03153E-AE2A-47FE-BBA3-3333C0EEEB86}
HKEY_CLASSES_ROOT\Interface\{0C9A71B1-8A8A-48A1-AA3F-0C83CE1C0BBD}
HKEY_CLASSES_ROOT\Interface\{0EF25077-DA22-4FF2-B6FF-6FC1C26F5740}
HKEY_CLASSES_ROOT\Interface\{11ED5DDF-90D0-45C1-BE2B-C9C4F98CCFE2}
HKEY_CLASSES_ROOT\Interface\{13854DA2-8414-4007-9693-2B6E6002520E}
HKEY_CLASSES_ROOT\Interface\{150D28AC-7C2D-4B57-B837-C74DCE7CC728}
HKEY_CLASSES_ROOT\Interface\{1FEB28BA-21B6-46F3-948A-D7CA11654FE9}
HKEY_CLASSES_ROOT\Interface\{276D86B8-010B-4576-8444-9A670070A3F4}
HKEY_CLASSES_ROOT\Interface\{2D9CAF75-4B36-455B-ADEF-0CFD7ADF3154}
HKEY_CLASSES_ROOT\Interface\{340B5D33-4A0C-4673-94FA-B88ECC48773E}
HKEY_CLASSES_ROOT\Interface\{38CD62AA-98AC-4B47-9CB8-8E1F108AD32F}
HKEY_CLASSES_ROOT\Interface\{41F834DA-AF4B-4C04-BD2E-9FA131FF39E5}
HKEY_CLASSES_ROOT\Interface\{453B991D-6B23-48CF-A3B0-2214F437CCB0}
HKEY_CLASSES_ROOT\Interface\{48CE44BF-E439-46DE-8CD8-88CB5B3D6D6E}
HKEY_CLASSES_ROOT\Interface\{4F7FA7BF-007C-46E6-A49C-B8E7373C046E}
HKEY_CLASSES_ROOT\Interface\{52B75F3F-0016-4002-9A3A-B68BC9501ED1}
HKEY_CLASSES_ROOT\Interface\{5AC65D7D-C00C-47A4-83F7-F81073C39B25}
HKEY_CLASSES_ROOT\Interface\{5F412259-081E-4B21-815D-93AE1E71AE95}
HKEY_CLASSES_ROOT\Interface\{657D5DE0-6497-4040-B604-F38C9411F64D}
HKEY_CLASSES_ROOT\Interface\{6DDA751B-CA62-41C6-B622-EA4B4C2E51F8}
HKEY_CLASSES_ROOT\Interface\{78EA0C93-1AAA-4922-84F0-42CBA685F6BC}
HKEY_CLASSES_ROOT\Interface\{7CAEFBCD-55A9-4A68-AA02-E69B12B3BE57}
HKEY_CLASSES_ROOT\Interface\{887D7071-FB68-49F6-A77C-E12D0A83BF91}
HKEY_CLASSES_ROOT\Interface\{88BDD61D-AC47-4D9E-A3ED-1CAA575593E6}
HKEY_CLASSES_ROOT\Interface\{898272CF-3ACE-4A7B-98FA-9EB8DB8B26DC}
HKEY_CLASSES_ROOT\Interface\{8A7D5862-7B00-4270-B456-CDC6779A79DD}
HKEY_CLASSES_ROOT\Interface\{8CBF5BAC-E609-4863-ABC9-68A7BD13B1D0}
HKEY_CLASSES_ROOT\Interface\{940664C7-DE44-4B8F-A05D-FD70CAB75F2C}
HKEY_CLASSES_ROOT\Interface\{9981DDEF-81C4-4CC8-A5F2-62A7912D8037}
HKEY_CLASSES_ROOT\Interface\{9CB68DF7-F336-45A2-BDE2-5DCA3998986F}
HKEY_CLASSES_ROOT\Interface\{9ECEF347-16E8-45B3-BB6D-AE9DDFC4EC11}
HKEY_CLASSES_ROOT\Interface\{9EE20753-220C-4A2C-87DC-F86FB78F3774}
HKEY_CLASSES_ROOT\Interface\{A09DFAEF-BFA3-47CA-9479-D7EC79342146}
HKEY_CLASSES_ROOT\Interface\{A4BB2045-C8B4-4A9F-B509-7A626797B961}
HKEY_CLASSES_ROOT\Interface\{B4BB620F-3AE7-4910-8171-F9FC8120D9EF}
HKEY_CLASSES_ROOT\Interface\{B70B489C-F0D5-4DD9-A2BA-9B6DBCF5090A}
HKEY_CLASSES_ROOT\Interface\{B7512CD1-CFDE-4498-ADBD-14B38062A478}
HKEY_CLASSES_ROOT\Interface\{B889DE48-EC10-4278-B3FF-76FEB7449215}
HKEY_CLASSES_ROOT\Interface\{BED38B7D-66E0-47B2-A7EF-8682B62828D6}
HKEY_CLASSES_ROOT\Interface\{C9CA446E-0484-4647-BBF0-3C129C42047C}
HKEY_CLASSES_ROOT\Interface\{CABABC4B-5B0F-4297-9D85-72E93616ED55}
HKEY_CLASSES_ROOT\Interface\{CCA1E17E-2BEE-4D53-8D00-7ADB5B35145A}
HKEY_CLASSES_ROOT\Interface\{CF1D16BA-2CE6-429A-A63A-3CF44D81A950}
HKEY_CLASSES_ROOT\Interface\{D7DE2292-04DD-48FC-B250-5E9BFE6BB959}
HKEY_CLASSES_ROOT\Interface\{D838D7A3-1551-4B32-BF7A-7F4F769BB885}
HKEY_CLASSES_ROOT\Interface\{D87A739B-AD9A-4973-B8C5-9D55B3EC0401}
HKEY_CLASSES_ROOT\Interface\{E1751F23-00E6-4F6C-AD78-CA7D8A96FD3E}
HKEY_CLASSES_ROOT\Interface\{E56B4B91-E548-4E89-97AC-E9630D22A2E2}
HKEY_CLASSES_ROOT\Interface\{EC6921C1-F723-49C9-B760-274DE8238ED6}
HKEY_CLASSES_ROOT\Interface\{ED639B1F-1B3F-473F-BD8D-6DE9C2D1972A}
HKEY_CLASSES_ROOT\Interface\{F9B659A0-6F32-4D69-A7D0-29A0B8CDDC16}
HKEY_CLASSES_ROOT\Interface\{FA13560C-D18C-4BE6-AE80-EBEFC6E5AD3C}
HKEY_CLASSES_ROOT\Interface\{FC105E0D-AE24-43F2-89AA-E8AB8F96EF6E}
HKEY_CLASSES_ROOT\Interface\{FD99520A-E900-4F8D-9092-22705622D2D2}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\virus-bursters.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\virusbursters.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Virus-Bursters
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusBursters
HKEY_LOCAL_MACHINE\SOFTWARE\Virus-Bursters
HKEY_LOCAL_MACHINE\SOFTWARE\VirusBursters
Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Removing VirusBursters:
You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.
Or
buy it to remove ALL viruses from your computer.
Also Be Aware of the Following Threats:
Removing Ulysses Trojan
Badmin Trojan Symptoms
Remove Downloader.ACV Adware
GoSocks Trojan Removal instruction
Zlob.Fam.Protection Tools Trojan Cleaner