Rootkit.Agent.YYF

Rootkit.Agent.YYF Description

Type: Trojan

Rootkit.Agent.YYF is a dangerous piece of malware. It can inject rootkit components into Windows processes and conceal its presence on an infected machine. Once on a machine, Rootkit.Agent.YYF changes the Windows Explorer settings and downloads potentially harmful files from a remote server.

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software    Detection
AntiVir                TR/PSW.QQpass.adai
BitDefender            Trojan.Generic.6381559
Kaspersky              HEUR:Trojan.Win32.Generic
AVG                    Win32/CryptExe
Fortinet               W32/QQPass.AFSN!tr.pws
Ikarus                 Virus.Win32.CryptExe
Microsoft              PWS:Win32/OnLineGames.JZ
Antiy-AVL              Trojan/Win32.QQPass.gen
McAfee-GW-Edition      Heuristic.LooksLike.Win32.SuspiciousPE.J
AntiVir                DR/Agent.pag
Comodo                 UnclassifiedMalware
Sophos                 Mal/FakeAV-BW
BitDefender            Trojan.Generic.6097658
Kaspersky              Trojan-PSW.Win32.QQPass.afsn
ClamAV                 PUA.Packed.EXECryptor

Technical Information

File System Details

Rootkit.Agent.YYF creates the following file(s):

Registry Details

Rootkit.Agent.YYF creates the following registry entry or registry entries:
Run keys
cdoosoft
kamsoft
