Ydky9kv.exe

By Domesticus in Trojans

Ydky9kv.exe is an extremely dangerous Trojan file that specializes in downloading and installing rogue security programs. According to our ESG malware researchers, the Ydky9kv.exe Trojan file first started appearing in late spring of 2011. Because of this, ESG security researchers strongly recommend that you keep your anti-malware programs fully updated, to make sure you can catch this threat before Ydky9kv.exe enters your computer. The Ydky9kv.exe Trojan file is a serious threat to your computer's security, and its removal should be the top priority.
 

Ydky9kv.exe Trojan Shrinks and Grows

Ydky9kv.exe has been identified as a file that constantly changes size; it can be as small as 15 kilobytes or more than three times larger. It has also been detected under a number of different labels. Our ESG malware researchers have identified the following as variations of the Ydky9kv.exe Trojan file:

  • Trojan.Win32.FakeAV.bjzk
  • Trojan-Downloader.Win32.Small.burh
  • Trojan.Win32.VBKrypt.bxfl
  • Trojan.Agent/Gen-FakeAlert

This malicious Trojan has been reported in various countries around the world, including the United States, Britain, and Western Europe.
 

Recognizing a Ydky9kv.exe Trojan Infection

The Ydky9kv.exe Trojan can be extremely difficult to detect because of its rootkit tactics; that is, Ydky9kv.exe can infect a computer at its deepest level so that it will not even show up in the Task Manager. It also infects processes that Windows needs in order to run, such as svchost or explorer. Often, a computer user will experience symptoms of a severe Trojan infection while genuine anti-malware programs claim that nothing is wrong. Our ESG malware researchers advise that you watch out for the symptoms listed below; if your computer is showing any of these signs, it may be time to update your anti-malware utility:

  • Ydky9kv.exe has been known to change your firewall settings, or to disable the firewall completely. This allows Ydky9kv.exe to download malicious files onto your computer, as well as to send your personal information to a third party.
  • Ydky9kv.exe may add new files to your computer. If new files pop up on your hard drive, this may be a sign that something is not working properly. You can confirm that there is a problem if the files cannot be removed or pop up again after you delete them.
  • Ydky9kv.exe will download and install rogue security programs like Windows Recovery or Antivirus Protection Trial on your computer.
  • Our ESG malware researchers also suggest making sure that people on your mailing list have not received spam email from your computer, and that your computer has not automatically carried out any unauthorized activity. The Ydky9kv.exe Trojan file has been known to allow criminals to integrate your computer into a botnet and use it to perform DDoS attacks or to send out spam email.

File System Details

Ydky9kv.exe may create the following file(s):
# File Name Detections
1. C:\DOCUME~1\Admini~1\Locals~1\Temp\ydky9kv.exe
2. C:\WINDOWS\Temp\MouseDriver.bat
3. C:\WINDOWS\fonts\services.exe
4. C:\Documents and Settings\\Local Settings\Temp\MouseDriver.bat
5. C:\WINDOWS\Temp\ydky9kv.exe
6. C:\Documents and Settings\\Local Settings\Temp\ydky9kv.exe
7. C:\WINDOWS\Temp\ogunhqym.bat
8. C:\Documents and Settings\\Local Settings\Temp\~DF76CC.tmp
9. C:\Documents and Settings\\Local Settings\Temp\~DF5139.tmp
10. C:\WINDOWS\system32\fl8uphp.log

Registry Details

Ydky9kv.exe may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]"
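
The file and registry details above can be turned into a triage check over a collected file listing and an export of the HKCU Run key. The following is an added example, not ESG's code: the function names and the sample inventory are constructed for illustration, and flagging any autorun that starts from a Temp folder is an assumption of the example rather than a claim made by this page. Because the Run value name is random, the check matches on the value's data, and it compares only the parent folder name so that per-user and 8.3 short paths both match.

```python
import ntpath
import re

# File names the page lists inside Temp directories (per-user or C:\WINDOWS\Temp).
TEMP_NAMES = {"ydky9kv.exe", "mousedriver.bat", "ogunhqym.bat",
              "~df76cc.tmp", "~df5139.tmp"}
# Fixed locations the page lists outside Temp.
FIXED_PATHS = {r"c:\windows\fonts\services.exe", r"c:\windows\system32\fl8uphp.log"}

def normalize(path):
    """Lowercase, trim quotes and collapse doubled backslashes."""
    return re.sub(r"\\{2,}", r"\\", path.strip().strip('"').lower())

def matches_listed_file(path):
    """True if path is one of the page's listed files, under any user profile."""
    p = normalize(path)
    folder, name = ntpath.split(p)
    # Comparing only the parent folder name covers long and 8.3 short paths.
    return p in FIXED_PATHS or (ntpath.basename(folder) == "temp" and name in TEMP_NAMES)

def run_target(value_data):
    """Extract the program path from a Run value's data, quoted or not."""
    m = re.search(r"([a-z]:\\.+?\.(?:exe|bat|cmd|com|scr))\b", normalize(value_data))
    return m.group(1) if m else None

def triage(file_paths, run_values):
    """Return (file hits, Run hits); run_values maps value name -> value data."""
    file_hits = [p for p in file_paths if matches_listed_file(p)]
    run_hits = []
    for name, data in run_values.items():
        target = run_target(data)
        if target and matches_listed_file(target):
            run_hits.append((name, "listed file"))
        elif target and ntpath.basename(ntpath.dirname(target)) == "temp":
            # Assumption of this example: any autorun from Temp deserves review.
            run_hits.append((name, "runs from Temp"))
    return file_hits, run_hits

# Constructed sample inventory, not taken from a real host.
SAMPLE_FILES = [
    r"C:\DOCUME~1\Admini~1\Locals~1\Temp\ydky9kv.exe",
    r"C:\Documents and Settings\alice\Local Settings\Temp\MouseDriver.bat",
    r"C:\WINDOWS\system32\services.exe",  # legitimate location, must not match
    r"C:\WINDOWS\Fonts\SERVICES.EXE",
]
SAMPLE_RUN = {
    "qzxw81": r'"C:\Documents and Settings\alice\Local Settings\Temp\ydky9kv.exe" /s',
    "ctfmon.exe": r"C:\WINDOWS\system32\ctfmon.exe",
    "upd": r"C:\WINDOWS\Temp\helper.exe",
}
print(triage(SAMPLE_FILES, SAMPLE_RUN))
```

A clean result does not rule out infection, since the page notes that the file changes size and hides with rootkit tactics; treat hits as a reason to scan from a trusted environment.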
