Type: Trojan horse
Risk Level: High
Affected OS: Win 7/8/Vista/XP
JS:Downloader-ZY [Trj] is a dangerous JavaScript Trojan horse that gets inside computer without user’s agreement. Usually, it is able to take the advantage of Internet vulnerabilities when users are paying visit on malicious links, spam email attachment, porn info or downloading corrupted programs from untrustworthy websites. It goes without saying that users must be cautious about those suspicious resources over the Internet.
Once installed, JS:Downloader-ZY [Trj] is able to reset system parameters to pop up users with fake Java update websites in an attempt to get users into downloading infections unconsciously such as phony antivirus program, Trojan horse, worm, keylogger or other malware. Needless to say, with the injection of other threats, system files will at the risk of being destroyed that it may lead computer into system crash. At least, it will take up system resources and decelerate system performance. Seriously, JS:Downloader-ZY [Trj] is a menacing threat to track and steal personal information that users are highly suggested to exterminate it as quickly as possible.
Harmful damages that JS:Downloader-ZY [Trj] may do on your computer
- JS:Downloader-ZY [Trj] is known as a dangerous computer virus
- JS:Downloader-ZY [Trj] gets into computer sneakily without users’ permission
- JS:Downloader-ZY [Trj] takes up system resources and degrades down computer performance
- JS:Downloader-ZY [Trj] may further damage computer by bringing in other malware
- JS:Downloader-ZY [Trj] may track your personal information and send it to cyber criminal for illegal profit
Step by step guides to get rid of JS:Downloader-ZY [Trj] completely
Step One: Press CTRL+ALT+DELETE to open the Windows Task Manager.
Step Two: Click on the "Processes" tab, search for JS:Downloader-ZY [Trj] processes, right-click it and select "End Process" option.
random.exe
Step Three: Delete the files that JS:Downloader-ZY [Trj] drops on system folders:
%Windir%/System32/[RANDOM NAME].exe
%ProgramFiles%\Internet Explorer\Connection Wizard\[random]
%Temp%\[random].bat
Step Four: Click on Start menu, select “run”, type “regedit” on the search box and hit the Enter key.
HKEY_CURRENT_USER\Software\Classes\<random>\DefaultIcon "(Default)" = '%1'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = ""%LocalAppData%\<random 3 chars>.exe -a "C:\Program Files\Mozilla Firefox\firefox.exe""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\random
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\ JS:Downloader-ZY [Trj]
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\KB8456137 = "%LocalAppData%\KB8456137\KB8456137.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "courts" = %AppData%\p1.exe
Attention: As JS:Downloader-ZY [Trj] has the ability to change the infected files and registry entries randomly, users may not be able to locate and delete the correct ones. It is not suggested to do it yourself if you are not familiar in computer knowledge. In order not to mess up the system, please click and start a live chat with expert here.
No comments:
Post a Comment