Wednesday, January 21, 2009

Win32.Banker.ckj Trojan

Removing Win32.Banker.ckj
Categories: Trojan, Spyware
This category includes a variety of Trojans that damage victim machines, threaten
data integrity, or impair the functioning of the victim machine.
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet connectivity or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\msie.dll

How to detect Win32.Banker.ckj:

Files:
[%WINDOWS%]\msie.dll

Registry Keys:

Registry Values:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Removing Win32.Banker.ckj:

You can download a trial version of the "Exterminate-It" antivirus software to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
