Mocmex
The Mocmex Trojan can cause serious system damage or loss of vital information. Evaluate the critical facts about Mocmex and secure your system from any threats by this virus.
Mocmex is a virus / malware that can obtain passwords and other important files on your computer. It is one of the most lethal Trojan Horses around so you need to keep your system well protected.
How the Virus Works and Spreads
This virus is noteworthy for being the first one located on digital photo frames. Once the malware is in your system and you play an online game, it springs to action. It will look for and disable firewalls and other protective devices. Subsequently it will connect to the Net and download updates or other malware.
Another problem posed by the Mocmex is it can attach itself to removable drives / storage. When a CD or any other removable drive is connected to the infected computer, it will put a copy on the portable drive.
The malware also places a duplicate in the Windows/Program Files folder. Some names used include the following:
%Program Files%.inf
%Program Files%cfkbyse.inf
%Program Files%Common FilesMicrosoft Sharedvnwpbns.exe
Effects on Computers
Once the file is in a drive, it creates a random name for itself. It may also use the “hide” feature to make itself discreet. It generates a worm into the Windows Registry:
HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Options
This allows Mocmex to disable security features on PCs and networks. It will also attempt to delete or disable several critical system files. These include ArSwp.exe, autoruns.exe, FYFireWall.exe and others. Generally the files it targets are those involving security, firewall and systems configuration. The following files are also disabled if found: SharedAccess, wscsvc, helpsvc and wuauserv.
Removal and Prevention
The most effective protection is to install a reliable antivirus software before getting any signs of the malware. Although most programs can detect the virus afterwards, it is better if you install it before sensing any sign of Mocmex. If you detect sudden system slowdowns or unusual software behavior, perform a full scan. If the virus is detected choose delete when asked by the antivirus what you want to do.
Your antivirus program will be useless if it is not updated. If you don’t want to pay the subscription fee, download a free antivirus program. These also offer effective protection without cost.
Some viruses can be removed manually through manipulation of the Windows Registry keys. In this case that is not recommended. First of all most programs can delete it automatically. Second, the malware plants itself in many folders. Hunting down each one is impractical. You could end up deleting the wrong file and make things worse.
Another thing you can do is disable autorun in Windows. Right click the CD icon in My Computer and choose properties. Enable “prompt me for what action to take” on all removable drives.
Like other Trojans, Mocmex can wreck havoc and spread quickly. But the protective steps are easy to do. If you keep away from suspicious software and scan consistently, you won’t get this virus. Even if you do, removing it will be easy.