Boss Everyware

Description:	Keylogger
Risk Level:	Low
Date of First Occurence:	Friday, May 09, 2008
Software Developer:	(unknown)
Brief Info:	Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
Removal:	This threat can be removed using "Spyware Terminator"

Detected Files: %SYSDIR%\Wsa32\unins000.exe MD5: D6775520575D8EFFEFF3813459A03161 Size:518603 MD5: DE6E2E66E314956B900BED9FAE7AF0A0 Size:389092 %SYSDIR%\Wsa32\bewrep.exe MD5: DF37FA460FC55AFF9A5C7084FA5285FB Size:2721280 %SYSDIR%\Wsa32\beconfig.exe MD5: EA8C769B64416867D283B7E40C79092E Size:968192 %SYSDIR%\Wsa32\rmbew.exe MD5: B490287930AB1F2F6A85F90C619D50FE Size:530944 MD5: D7CDB5C1AC2B0B4D7AD3B75545A8DA83 Size:423424 %SYSDIR%\Wsa32\Bewrep.exe MD5: 1712F0A201F41D6E3C0EFBD307F1D86B Size:1392128 %SYSDIR%\Wsa32\Beconfig.exe MD5: 2EAC8029B5EAA1ED1DF0CEA297902581 Size:540160
Detected Files with variable Filenames:

Files by Name %SYSDIR%\Wsa32\BE2.CHM %SYSDIR%\Wsa32\BECONFIG.EXE %SYSDIR%\Wsa32\BEWREP.EXE %SYSDIR%\Wsa32\LICENSE.TXT %SYSDIR%\Wsa32\PCSETUP.32 %SYSDIR%\Wsa32\README.TXT %SYSDIR%\Wsa32\RMBEW.EXE %SYSDIR%\Wsa32\unins000.dat %SYSDIR%\Wsa32\unins000.exe %SystemDiskRoot%\BELogs\NODE1_20060419.dsv %SystemDiskRoot%\Documents and Settings\User\Start Menu\Programs\Boss Everyware 2\Boss Everyware Help.lnk %SystemDiskRoot%\Documents and Settings\User\Start Menu\Programs\Boss Everyware 2\Hide Boss Everyware.lnk %SystemDiskRoot%\Documents and Settings\User\Start Menu\Programs\Boss Everyware 2\Logger Configurator.lnk %SystemDiskRoot%\Documents and Settings\User\Start Menu\Programs\Boss Everyware 2\Report Manager.lnk
Registry Keys HKCR\BER HKCU\Software\Jmerik\BossEveryware HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Boss Everyware 2 HKLM\SOFTWARE\Jmerik\BossEveryware HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Boss Everyware 2.8_is1