Bankofamerica Alert: Restore Your account
"Bankofamerica Alert: Restore Your account" email is a phishing email created to steal your Bankofamerica account information. "Bankofamerica Alert: Restore Your account" email will try to make you think you need to confirm, update and verify your Bankofamerica account information. A rogue link may be provided in your "Bankofamerica Alert: Restore Your account" email which may redirect you to malicious websites. If you are tricked into entering your bank account information on the rogue websites, your financial data will be stolen by remote phishers.
All links provided by "Bankofamerica Alert: Restore Your account" email are meant to push you into entering your login information. If you were tricked into doing so, in any of the websites that "Bankofamerica Alert: Restore Your account" email may link you to, contact your bank immediately. Never login to your bank's website through "Bankofamerica Alert: Restore Your account" email, open a new browser window instead and add your login information.
File System Modifications
- The following files were created in the system:
# File Name 1 c:\Documents and Settings\LocalService\Application Data\rhcnkrj0etfg 2 c:\Documents and Settings\LocalService\Application Data\rhcnkrj0etfg\Quarantine 3 c:\Program Files\rhcnkrj0etfg 4 c:\Program Files\rhcnkrj0etfg\database.dat 5 c:\Program Files\rhcnkrj0etfg\license.txt 6 c:\Program Files\rhcnkrj0etfg\MFC71.dll 7 c:\Program Files\rhcnkrj0etfg\MFC71ENU.DLL 8 c:\Program Files\rhcnkrj0etfg\msvcp71.dll 9 c:\Program Files\rhcnkrj0etfg\msvcr71.dll 10 c:\Program Files\rhcnkrj0etfg\rhcnkrj0etfg.exe 11 c:\Program Files\rhcnkrj0etfg\rhcnkrj0etfg.exe.local 12 c:\Program Files\rhcnkrj0etfg\Uninstall.exe 13 c:\WINDOWS\system32\blphcjkrj0etfg.scr 14 c:\WINDOWS\system32\CbEvtSvc.exe 15 c:\WINDOWS\system32\drivers\54c70b2e.sys 16 c:\WINDOWS\system32\lphcjkrj0etfg.exe 17 c:\WINDOWS\system32\phcjkrj0etfg.bmp 18 c:\WINDOWS\system32\pphcjkrj0etfg.exe 19 CbEvtSvc.exe 20 lphcjkrj0etfg.exe 21 phcjkrj0etfg.bmp 22 pphcjkrj0etfg.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Sysinternals\Bluescreen Screen SaverHKEY_LOCAL_MACHINE\SOFTWARE\rhcnkrj0etfgHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}rhcnkrj0etfg
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.