Saturday, December 6, 2008

Jokcn Downloader

Removing Jokcn
Categories: Downloader
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
Jokcn Also known as:

[Kaspersky]Trojan-Downloader.Win32.Ieser.w,AdWare.Win32.Ejik.g,AdWare.Win32.Ejik.q;
[McAfee]Downloader-ACH;
[Other]Win32/Jokcn.C,Downloader,Win32/Jokcn.D,W32/Malware.BIBN,Win32/Jokcn.F,Trojan.Adclicker,Win32/Jokcn.H,Win32/Jokcn.I
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\resiifers.ini
[%WINDOWS%]\98032C.exe
[%WINDOWS%]\acdsee321.dll
[%WINDOWS%]\my_70320.exe
[%WINDOWS%]\system\zhqb32.dll
[%WINDOWS%]\zhqbdf16.ini
[%WINDOWS%]\zsmsdf32.ini
[%SYSTEM%]\resiifers.ini
[%WINDOWS%]\98032C.exe
[%WINDOWS%]\acdsee321.dll
[%WINDOWS%]\my_70320.exe
[%WINDOWS%]\system\zhqb32.dll
[%WINDOWS%]\zhqbdf16.ini
[%WINDOWS%]\zsmsdf32.ini

How to detect Jokcn:

Files:
[%SYSTEM%]\resiifers.ini
[%WINDOWS%]\98032C.exe
[%WINDOWS%]\acdsee321.dll
[%WINDOWS%]\my_70320.exe
[%WINDOWS%]\system\zhqb32.dll
[%WINDOWS%]\zhqbdf16.ini
[%WINDOWS%]\zsmsdf32.ini
[%SYSTEM%]\resiifers.ini
[%WINDOWS%]\98032C.exe
[%WINDOWS%]\acdsee321.dll
[%WINDOWS%]\my_70320.exe
[%WINDOWS%]\system\zhqb32.dll
[%WINDOWS%]\zhqbdf16.ini
[%WINDOWS%]\zsmsdf32.ini

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{16c6167b-fed4-4cee-8951-134c9a345da2}
HKEY_CLASSES_ROOT\clsid\{242f800b-2172-4659-a381-476b66e3de2a}
HKEY_CLASSES_ROOT\clsid\{956d977e-3ee4-460f-8cd2-23cdeabbdc94}
HKEY_CLASSES_ROOT\clsid\{c1ba80ee-2fb8-4c8d-bac9-938215e539c5}
HKEY_CLASSES_ROOT\kdcvbehbwgviz.tiebhocom\clsid
HKEY_CLASSES_ROOT\tirqikts.tiebhocom
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{16c6167b-fed4-4cee-8951-134c9a345da2}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{242f800b-2172-4659-a381-476b66e3de2a}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{956d977e-3ee4-460f-8cd2-23cdeabbdc94}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{c1ba80ee-2fb8-4c8d-bac9-938215e539c5}

Removing Jokcn:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Virtumonde Trojan Symptoms
Removing Agent.ac Adware
IntraKey Spyware Information
Removing Blurp Trojan
Bancos.HWJ Trojan Cleaner

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)