Danger level 7
Type: Backdoors
Common infection symptoms:
  • Block exe files from running
  • Blocks internet connection
  • Connects to the internet without permission
  • Installs itself without permissions
  • Slow Computer
  • Slow internet connection
  • System crashes

Backdoor.Jukbot.B

Backdoor.Jukbot.B is a Trojan that is classified as a backdoor. It means that this malicious computer parasite upon the infection opens a backdoor in your system and allows remote access and control. That is to say, a person who creates Backdoor.Jukbot.B is able to perform limited actions in your computer via this infection. The backdoor communicates with a so-called command and control server to receive instructions on further performance, so there are quite a few ways how this parasite can affect your computer.

When Backdoor.Jukbot.B is installed, it performs quite a few changes in your system, but you might not be aware of that, because the thing this backdoor modifies is the registry. There are also no definite filenames that would indicate the infection, because Backdoor.Jukbot.B uses different file and service names during the installation. Once the program is run, it copies itself into the System folder (System 32 folder in most of the Windows platforms) under the most random names such as, for example, btlp.exe or panp.exe.

The registry changes are performed in order to run Backdoor.Jukbot.B as a Windows service. It copies the names of the legitimate services and hijacks them, tricking the operating system into running the malware every time Windows start. Once Backdoor.Jukbot.B is up and running, it tries to connect to a remote domain. The security experts have determined that most of the time it connects to qianli8211.3322.org domain. When it receives configuration data from the server the backdoor can do a lot of various actions, depending on what the configurations are telling it to do.

For example, Backdoor.Jukbot.B can easily download and execute malicious files. That is of no surprise, because its process file called lvvm.exe is also classified as a fraudulent security program, which means that with the Backdoor.Jukbot.B infection, you can also be exposed to rogue attack. Also, this infection can unexpectedly restart or shut down your computer, or make it a source of a denial of service attack. But that is not all, Backdoor.Jukbot.B can also trespass your privacy by gathering such sensitive information as computer name, operating system version, RAM, CPU model and speed, and then send it away to the remote server.

Naturally, Backdoor.Jukbot.B infection is annoying, because it is hard to determine at first. However, you can check your Windows Task Manager for the backdoor-related processes such as the previously mentioned lvvm.exe or others, like – 38a.exe, bns.exe, way.exe and the like. You can find the full list of Backdoor.Jukbot.B related process below this description. You also need to delete all these processes if you want to remove Backdoor.Jukbot.B. However, deleting this backdoor on your own might be hard, so don’t hesitate to get yourself a powerful security tool that will terminate Backdoor.Jukbot.B for you automatically.

Download Spyware Removal Tool to Remove* Backdoor.Jukbot.B
  • Quick & tested solution for Backdoor.Jukbot.B removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Backdoor.Jukbot.B

Files associated with Backdoor.Jukbot.B infection:

wtsx.exe
NewtonDictate.exe
ZjevH3HwzpNRaA.exe
way.exe
uhu.exe
thq88rx6p.exe
t00el32.dll
svy9.dll
svchosts.exe
sqlesw32.dll
rjy.exe
qxd.exe
NfWOkoyrvDaoRQH.exe
lvvm.exe
hki283.exe
cdrom.sys
bsn.exe
ang.exe
afd.sys
AbdioPdfEditor.exe
38A.exe
zyifur.exe
Stellar_Phoenix_Password_Recovery_v1_0_keygen.exe
sqlcsw32.dll
skfp.exe
68.exe
ytnqne.exe

Backdoor.Jukbot.B DLL's to remove:

t00el32.dll
svy9.dll
sqlesw32.dll
sqlcsw32.dll

Backdoor.Jukbot.B processes to kill:

wtsx.exe
NewtonDictate.exe
ZjevH3HwzpNRaA.exe
way.exe
uhu.exe
thq88rx6p.exe
svchosts.exe
rjy.exe
qxd.exe
NfWOkoyrvDaoRQH.exe
lvvm.exe
hki283.exe
bsn.exe
ang.exe
AbdioPdfEditor.exe
38A.exe
zyifur.exe
Stellar_Phoenix_Password_Recovery_v1_0_keygen.exe
skfp.exe
68.exe
ytnqne.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.