W32/Yakes.B!tr
Posted: October 19, 2011
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 143 |
| First Seen: | October 19, 2011 |
|---|---|
| Last Seen: | May 4, 2021 |
| OS(es) Affected: | Windows |
W32/Yakes.B!tr is a malicious Trojan which is involved in the Internal Revenue Service (IRS) malware campaign. The spam email with the title "Last Notice" allegedly coming from the IRS contains a malicious attachment named "IRS_Calculations_#ID6749.zip". If the infected attachment is opened and the file is run, W32/Yakes.B!tr infects your machine. If you have received a fake IRS "Last Notice" email message, ignore it, and delete from your inbox as quickly as possible.
Aliases
TR/Kazy.156377 [AntiVir]Trojan.Siggen5.3175 [DrWeb]Heur.Suspicious [Comodo]Backdoor.Win32.IRCBot.aepk [Kaspersky]PWS-Zbot-FAQO!228796B0C718 [McAfee]Trj/Dtcontx.C [Panda]Troj/Zbot-EGQ [Sophos]Artemis!AADA2999CA19 [McAfee-GW-Edition]RDN/Generic.bfr!bh [McAfee]Trojan-Ransom.Win32.Blocker.awyl [Kaspersky]Trojan Horse [Symantec]Trojan-Ransom.Win32.Blocker.awuw [Kaspersky]SHeur4.BDTH [AVG]Trojan-Ransom.Win32.Blocker [Ikarus]TR/Ransom.Blocker.awjc [AntiVir]
More aliases (111)
More aliases (111)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%APPDATA%\e81236cb-87d4-469a-8919-ea4322547946.exe
File name: e81236cb-87d4-469a-8919-ea4322547946.exeSize: 41.98 KB (41984 bytes)
MD5: da6ebac1d8016d0c74e351ae4c64f807
Detection count: 76
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: March 21, 2013
%ALLUSERSPROFILE%\Local Settings\Temp\f2e6fe2e.com
File name: f2e6fe2e.comSize: 36.86 KB (36864 bytes)
MD5: e31213f10015971d860474495d21fb69
Detection count: 72
File type: Command, executable file
Mime Type: unknown/com
Path: %ALLUSERSPROFILE%\Local Settings\Temp
Group: Malware file
Last Updated: October 25, 2011
%APPDATA%\Microsoft\Internet Explorer\checkdisku.exe
File name: checkdisku.exeSize: 88.57 KB (88576 bytes)
MD5: b4585c4492446882fc861414e47e073c
Detection count: 33
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft\Internet Explorer
Group: Malware file
Last Updated: March 29, 2013
%LOCALAPPDATA%\Skype\Skype.exe
File name: Skype.exeSize: 57.85 KB (57856 bytes)
MD5: 43198ee4c63651fd7383ad7b5a322a18
Detection count: 31
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%\Skype
Group: Malware file
Last Updated: March 2, 2012
revalver_mk3_keygen_taringa.exe
File name: revalver_mk3_keygen_taringa.exeSize: 78.33 KB (78336 bytes)
MD5: df6006f869175cd1af6e8a602b9da263
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: October 20, 2011
revalver_mk3_keygen_taringa.exe
File name: revalver_mk3_keygen_taringa.exeSize: 78.33 KB (78336 bytes)
MD5: d79de11e9107c3bad89b018e0bbdc98c
Detection count: 25
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: October 20, 2011
revalver_mk3_keygen_taringa.exe
File name: revalver_mk3_keygen_taringa.exeSize: 78.33 KB (78336 bytes)
MD5: c6339d449a6a994ba1cace3a4ea56274
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: October 20, 2011
revalver_mk3_keygen_taringa.exe
File name: revalver_mk3_keygen_taringa.exeSize: 68.68 KB (68688 bytes)
MD5: 5078db0e6547988da0242e664e685e38
Detection count: 20
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: October 20, 2011
%APPDATA%\Microsoft\Protect\ekxsekx.exe
File name: ekxsekx.exeSize: 90.62 KB (90624 bytes)
MD5: 9dc0e96a6274b634fdbf3d6b61d8bcce
Detection count: 13
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft\Protect
Group: Malware file
Last Updated: November 1, 2011
%USERPROFILE%\Application Data\csrss.exe
File name: csrss.exeSize: 33.28 KB (33280 bytes)
MD5: 9c00a7da813107d645889f2fad2973bf
Detection count: 13
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Application Data
Group: Malware file
Last Updated: January 24, 2012
%ALLUSERSPROFILE%\Local Settings\Temp\mspzoxya.pif
File name: mspzoxya.pifSize: 33.79 KB (33792 bytes)
MD5: f491d31f424895798c1048207fa735a6
Detection count: 9
Mime Type: unknown/pif
Path: %ALLUSERSPROFILE%\Local Settings\Temp
Group: Malware file
Last Updated: March 2, 2012
%SystemDrive%\Documents and Settings\Guest\Application Data\Microsoft\nbcayu.exe
File name: nbcayu.exeSize: 1.86 MB (1860096 bytes)
MD5: e5b92af310683bbd12dbbac54e3eac99
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Documents and Settings\Guest\Application Data\Microsoft
Group: Malware file
Last Updated: June 22, 2012
%SystemDrive%\Users\<username>\AppData\Roaming\a9f80a6a-b7af-4390-96e9-8d30bb426ff7.exe
File name: a9f80a6a-b7af-4390-96e9-8d30bb426ff7.exeSize: 39.42 KB (39424 bytes)
MD5: aada2999ca199bbdc00f673f941887f8
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\AppData\Roaming
Group: Malware file
Last Updated: March 21, 2013
%USERPROFILE%\Lokale Einstellungen\Anwendungsdaten\Adobe\nVDLNGfW.exe
File name: nVDLNGfW.exeSize: 924.16 KB (924160 bytes)
MD5: f92324beb799f8e7b09d674eb8476b25
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Lokale Einstellungen\Anwendungsdaten\Adobe
Group: Malware file
Last Updated: July 12, 2013
%SystemDrive%\Users\<username>\Local Settings\Temp\mshpiqai.exe
File name: mshpiqai.exeSize: 41.98 KB (41984 bytes)
MD5: 5f4720bc139ff1a0f1454bf57f2653d2
Detection count: 1
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\Local Settings\Temp
Group: Malware file
Last Updated: January 28, 2013
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.