Enter your Keyword, Search here,

Manual Removal of Jammer2nd.exe

Jammer2nd.exe (Netsky)
jammer2nd.exe is considered to be a security risk, not only because antivirus programs flag Netsky as a virus, but also because a number of users have complained about its performance.
Netsky is likely a virus and as such, presents a serious vulnerability which should be fixed immediately! Delaying the removal of jammer2nd.exe may cause serious harm to your system and will likely cause a number of problems, such as slow performance, loss of data or leaking private information to websites.

Try Bitdefender Netsky Auto Removal Tool for Jammer2nd.exe (Netsky)
Damage Level: Medium
Distribution Level: High
  • The W32.Netsky.Z@mm worm is a Netsky variant that scans for the email addresses on all non-CD-ROM drives on an infected computer.
  • Scans drives C through Z (excluding CD-ROM drives) and retrieves the email addresses from any files with the predefined extensions.
  • Then, the worm uses its own SMTP engine to send itself to the email addresses that it finds to jamainlbbbsdef@yahoo.com
  • The From line of the email is spoofed, and its Subject, Message, and Attachment vary. The attachment has a .zip extension.
  • Copies itself as %WinDir%\Jammer2nd.exe.
  • Creates a zip file containing the worm to %Windir%\PK_ZIP_ALG.LOG.
  • Listens on TCP port 665 for an attacker to send an executable file.
  • The worm will automatically run the executable when it is downloaded.
  • If the date of the system clock is between May 2, 2004 and May 5, 2004, the worm will attempt to perform Denial of Service (DoS) attack against the following Web sites:

    • www.nibis.de 
    • www.medinfo.ufl.edu
    • www.educa.ch

    Manual Removal Instructions :

    Recommend Removal from Safe Mode:
    How to Start in Safe mode:
    Restart your Computer, Press F8 when your Screen turns on, Select Safe mode, press enter.

    The Infected Files Can be Seen in these folders and names

    Navigate to the key:
    Delete the value:
    "Jammer2nd" = %WinDir%\JAMMER2ND.EXE

    Kill the following process:

    Delete the following files:
    %windir%\\pk_zip1.log ,pk_zip2.log ,...,pk_zip8.log

    Delete the following registry key:

    Exit the Registry Editor. Restart your PC, if it won't get Removed, let Anti-virus Engines to remove.
    Recommended Removal Tools:
    Kaspersky Antivirus or Internet Security (Shareware)
    Spyware Doctor (Shareware)
    AVG Antivirus (Freeware)
    Hijackthis (Freeware)
    Bitdefender (Shareware)

    No comments :

    Post a Comment

    Comment on this Post!!

    More Posts that you may be interested...