Trojan-Downloader.Win32.Piker.zk
Trojan-Downloader.Win32.Piker.zk is a menacing program that can download harmful files from a remote server and execute them on a compromised PC. Trojan-Downloader.Win32.Piker.zk may also download rogue security software and display fake scans or pop-up adverts. Trojan-Downloader.Win32.Piker.zk has an encrypted section where the locations and names of malicious files, that it has to download and install via the internet, are stored. Trojan-Downloader.Win32.Piker.zk will also create a start-up registry once it has entered a victim's system. The manual removal of Trojan-Downloader.Win32.Piker.zk may be difficult; however an anti-spyware program should easily detect and remove Trojan-Downloader.Win32.Piker.zk.
File System Details
Trojan-Downloader.Win32.Piker.zk may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %AppData%\shsyed\ehlxsysguard.exe |
Registry Details
Trojan-Downloader.Win32.Piker.zk may create the following registry entry or registry entries:
JITDebug = 0x00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download]
[HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings]
LowRiskFileTypes = ".exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
RunInvalidSignatures = 0x00000001
SaveZoneInformation = 0x00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
qpncxusp = "%AppData%\shsyed\ehlxsysguard.exe"
