
Trojan.Win32.VBKrypt.covy

Posted: July 7, 2011

Trojan.Win32.VBKrypt.covy is a Trojan that runs automatically under the guise of a native Windows component to hide its malicious activities. Attacks by Trojan.Win32.VBKrypt.covy may install other hostile programs onto your PC or create serious security holes that allow remote entities to control the computer. There are strong indications that Trojan.Win32.VBKrypt.covy is linked to spyware programs like SpyEye, and any Trojan.Win32.VBKrypt.covy infection should be considered a serious threat to both your security and privacy until you've used good security software to remove Trojan.Win32.VBKrypt.covy from your computer.

The Invisible Trojan.Win32.VBKrypt.covy Infection Scheme

Trojan.Win32.VBKrypt.covy is a 2011-era threat that tries to avoid detection while attacking your security and carrying out a variety of other harmful actions. Some versions of Trojan.Win32.VBKrypt.covy have been seen using compression or packing technology that reduces file size and makes Trojan.Win32.VBKrypt.covy harder to detect; using up-to-date security programs will help to reduce this issue.

Many of the memory processes that Trojan.Win32.VBKrypt.covy uses to function carry the names of legitimate Windows components: you may see additional svchost.exe or lsass.exe processes in the Windows Task Manager. However, Trojan.Win32.VBKrypt.covy's stealth efforts don't extend to some of its files, which are clearly identifiable in a 'cleansweep' folder.

Cleansweep files, despite the harmless-sounding name, are often related to components of a SpyEye Trojan infection. Although harmful enough by itself, Trojan.Win32.VBKrypt.covy may only be an arm of a SpyEye attacker that's being used to gather information like the following:

  • Cached or information field answers that have been saved by your web browser, including login details, passwords and email addresses.
  • Banking information, including credit card numbers and user names for online banking activities.
  • Personal identity information such as Social Security numbers.

Although any backdoor Trojan like Trojan.Win32.VBKrypt.covy can theoretically be configured to steal the above information, SpyEye Trojans are built to specialize in it, and so you should be particularly cautious about the threat to your privacy whenever you see cleansweep.exe or another Trojan.Win32.VBKrypt.covy or SpyEye Trojan file.

The More Individual Traits of a Trojan.Win32.VBKrypt.covy Attack

Some other characteristics of a Trojan.Win32.VBKrypt.covy infection that have been specifically linked to Trojan.Win32.VBKrypt.covy itself include:

  • Trojan.Win32.VBKrypt.covy files will modify the Windows Registry so that Trojan.Win32.VBKrypt.covy runs as soon as Windows starts. Even so, you may see no visible symptoms of Trojan.Win32.VBKrypt.covy being active unless you monitor the running memory processes.
  • Trojan.Win32.VBKrypt.covy will also use the Registry to modify your settings and disable your PC security. This may let remote criminals attack your PC or let Trojan.Win32.VBKrypt.covy install other harmful programs without the action being blocked by your security software. Although this attack doesn't damage the affected programs directly, you may need to restore the appropriate Registry information before you can use these applications again.
  • Trojan.Win32.VBKrypt.covy has also been reported to make contact with the Microsoft website to gather information about your computer. This may enable Trojan.Win32.VBKrypt.covy to perform other attacks or simply use up system resources such as memory.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 c:\cleansweep\cleansweep.exe
    2 c:\cleansweep\config.bin

Registry Modifications

  • The following Registry entries were newly created:
    HKEY_CURRENT_USER\Software\Microsoft Windows
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Recovery
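The indicators above (the cleansweep files, the Registry keys, and the svchost.exe/lsass.exe impostor processes described earlier) can be turned into a simple host triage check. The script below is an added example, not part of this page or any vendor's removal tool. It runs over constructed sample data; on a live Windows host the same functions would be fed the output of tasklist or Get-Process, a directory listing, and a Registry export. The autostart Run keys it inspects are standard Windows locations and are an assumption, since the page says only that the Trojan registers itself to start with Windows without naming the key.

```python
"""Host triage for the Trojan.Win32.VBKrypt.covy indicators listed on this page.

Added example, not the page's own tool. Runs over constructed sample data.
"""
import ntpath
from collections import Counter

# Indicators copied from the page (lower-cased for comparison).
IOC_FILES = {r"c:\cleansweep\cleansweep.exe", r"c:\cleansweep\config.bin"}
IOC_REG_KEYS = {
    r"hkey_current_user\software\microsoft\internet explorer\phishingfilter",
    r"hkey_current_user\software\microsoft\internet explorer\recovery",
}
# Process names the page says the Trojan imitates, with the directories the
# genuine binaries run from on a standard Windows install.
EXPECTED_DIRS = {
    "svchost.exe": {r"c:\windows\system32", r"c:\windows\syswow64"},
    "lsass.exe": {r"c:\windows\system32"},
}
# Standard autostart keys; an assumption, the page does not name the key used.
RUN_KEYS = {
    r"hkey_current_user\software\microsoft\windows\currentversion\run",
    r"hkey_local_machine\software\microsoft\windows\currentversion\run",
}


def _norm(path):
    """Case-insensitive, quote- and trailing-slash-insensitive path form."""
    return str(path).strip().strip('"').lower().rstrip("\\")


def check_processes(processes):
    """processes: iterable of (pid, image_name, full_path).

    Flags imitation names running outside their expected directory, and more
    than one lsass.exe (Windows runs exactly one)."""
    findings = []
    names = Counter()
    for pid, name, path in processes:
        name = name.lower()
        names[name] += 1
        if name in EXPECTED_DIRS and _norm(ntpath.dirname(path)) not in EXPECTED_DIRS[name]:
            findings.append(("masquerade", f"pid {pid} {name} running from {path!r}"))
    if names["lsass.exe"] > 1:
        findings.append(("duplicate-lsass", f"{names['lsass.exe']} lsass.exe instances"))
    return findings


def check_files(paths):
    """paths: iterable of file paths found on disk; matches the page's IOC files."""
    return [("ioc-file", p) for p in paths if _norm(p) in IOC_FILES]


def check_registry(values):
    """values: iterable of (key, value_name, data) from a Registry export."""
    findings = []
    for key, name, data in values:
        k, d = _norm(key), _norm(data)
        if k in RUN_KEYS and any(ioc in d for ioc in IOC_FILES):
            findings.append(("autostart", f"{key}\\{name} -> {data}"))
        elif k in IOC_REG_KEYS:
            findings.append(("ioc-regkey", f"{key}\\{name} = {data}"))
    return findings


def triage(processes, files, registry):
    return check_processes(processes) + check_files(files) + check_registry(registry)


# Constructed sample data standing in for live host output.
SAMPLE_PROCESSES = [
    (4, "System", ""),
    (612, "lsass.exe", r"C:\Windows\System32\lsass.exe"),
    (1388, "svchost.exe", r"C:\Windows\System32\svchost.exe"),
    (2760, "lsass.exe", r"C:\cleansweep\lsass.exe"),  # constructed impostor
    (3104, "svchost.exe", r"C:\Users\alice\AppData\Local\Temp\svchost.exe"),  # constructed impostor
]
SAMPLE_FILES = [
    r"C:\cleansweep\cleansweep.exe",
    r"C:\cleansweep\config.bin",
    r"C:\Windows\notepad.exe",
]
SAMPLE_REGISTRY = [
    (r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", "cleansweep", r"C:\cleansweep\cleansweep.exe"),
    (r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", "Sidebar", r"C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"),
    (r"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter", "EnabledV9", 0),  # constructed sample value
]

if __name__ == "__main__":
    for category, detail in triage(SAMPLE_PROCESSES, SAMPLE_FILES, SAMPLE_REGISTRY):
        print(f"[{category}] {detail}")
```

The process check is the part worth keeping after the specific file names age out: a second lsass.exe, or an svchost.exe whose image path is not under the Windows system directories, is suspicious regardless of which Trojan family planted it, whereas the file and key names are only good for this one campaign.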