cashU Team: Restore Your account
"cashU Team: Restore Your account" email is a phishing email designed to access your bank account information and steal your personal and financial data. "cashU Team: Restore Your account" email will inform you your cashU account needs to be restored only to redirect you to scam websites. "cashU Team: Restore Your account" email will try to trick you into giving con artists your cashU login information.
All links provided by "cashU Team: Restore Your account" email are meant to push you into entering your login information. If you were tricked into doing so in any of the websites that "cashU Team: Restore Your account" email links to, contact your bank immediately. Never login to your bank's website through "cashU Team: Restore Your account" email, open a new browser window and login.
File System Modifications
- The following files were created in the system:
# File Name 1 c:\Documents and Settings\LocalService\Application Data\rhcnkrj0etfg 2 c:\Documents and Settings\LocalService\Application Data\rhcnkrj0etfg\Quarantine 3 c:\Program Files\rhcnkrj0etfg 4 c:\Program Files\rhcnkrj0etfg\database.dat 5 c:\Program Files\rhcnkrj0etfg\license.txt 6 c:\Program Files\rhcnkrj0etfg\MFC71.dll 7 c:\Program Files\rhcnkrj0etfg\MFC71ENU.DLL 8 c:\Program Files\rhcnkrj0etfg\msvcp71.dll 9 c:\Program Files\rhcnkrj0etfg\msvcr71.dll 10 c:\Program Files\rhcnkrj0etfg\rhcnkrj0etfg.exe 11 c:\Program Files\rhcnkrj0etfg\rhcnkrj0etfg.exe.local 12 c:\Program Files\rhcnkrj0etfg\Uninstall.exe 13 c:\WINDOWS\system32\blphcjkrj0etfg.scr 14 c:\WINDOWS\system32\CbEvtSvc.exe 15 c:\WINDOWS\system32\drivers\54c70b2e.sys 16 c:\WINDOWS\system32\lphcjkrj0etfg.exe 17 c:\WINDOWS\system32\phcjkrj0etfg.bmp 18 c:\WINDOWS\system32\pphcjkrj0etfg.exe 19 CbEvtSvc.exe 20 lphcjkrj0etfg.exe 21 phcjkrj0etfg.bmp 22 pphcjkrj0etfg.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Sysinternals\Bluescreen Screen SaverHKEY_LOCAL_MACHINE\SOFTWARE\rhcnkrj0etfgHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}rhcnkrj0etfg
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.