Win32/Kryptik.YSN removal tips

The Win32/Kryptik.YSN is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Kryptik.YSN virus can do?

At least one process apparently crashed during execution
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Win32/Kryptik.YSN?


File Info:
name: CAB7744D25484BD47654.mlw
path: /opt/CAPEv2/storage/binaries/48040ec9ded53f45c1c73f232f961c19b451cbd9d0b0a76c30737513e079cbf9
crc32: 2071DE3F
md5: cab7744d25484bd476545726bdad02d5
sha1: 70c88e79dba6b17f90fbca8cca1c5126e70f154b
sha256: 48040ec9ded53f45c1c73f232f961c19b451cbd9d0b0a76c30737513e079cbf9
sha512: 59f78f2029b988e3eb571ecdccd8a5c4743314db03e2090949d697b25062e3f7d99e9d6a7a8b3aab3396e41e0145dd925e42f693bfa296cd8faac03efa603bcc
ssdeep: 3072:8LQo7P8ngioaxp0V08fTpShkyvHQqsP6bUqrqyjSNDNDT2Y:ZoYngPaUHfXqs/q/G5TF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17E24CEF350219C5BC03049B0CBE5CB8787E57E219F405E6B972239A8E8B35E47B2BD65
sha3_384: d05ae992ccdf89778beaae3005f7ca975b40ab951813b69c3765fb376f93505ddce9eb6793374e457cf361d1394ed69c
ep_bytes: 8b3d182043008b1d0c20430023fb891d
timestamp: 2011-04-23 11:57:32

Version Info:
CompanyName: Promise Technology, Inc.
FileDescription: Home Fanny Dose
FileVersion: 7.9
InternalName: Await Limbs Later
OriginalFilename: Kfnpe.exe
ProductName: Ufo
ProductVersion: 7.9
Translation: 0x0409 0x04b0

Win32/Kryptik.YSN also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
FireEye	Generic.mg.cab7744d25484bd4
CAT-QuickHeal	TrojanPWS.Zbot.Y
ALYac	Gen:Variant.Crypt.61
Cylance	Unsafe
VIPRE	Lookslike.Win32.Sirefef.zh (v)
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Riskware ( 0040eff71 )
Alibaba	Trojan:Win32/EncPk.c56b235c
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.d25484
BitDefenderTheta	Gen:NN.ZexaF.34212.my1@a0EVRKei
Cyren	W32/Symmi.AP.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.YSN
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Crypt.61
NANO-Antivirus	Trojan.Win32.Panda.vodgd
MicroWorld-eScan	Gen:Variant.Crypt.61
Avast	Win32:Reveton-Y [Trj]
Tencent	Malware.Win32.Gencirc.114bf15f
Ad-Aware	Gen:Variant.Crypt.61
Emsisoft	Gen:Variant.Crypt.61 (B)
Zillya	Trojan.Kryptik.Win32.930572
McAfee-GW-Edition	BehavesLike.Win32.Generic.dh
Sophos	ML/PE-A + Mal/EncPk-ABFU
Ikarus	Trojan.Crypt
GData	Gen:Variant.Crypt.61
Jiangmin	Trojan.Generic.dwsjt
Webroot	W32.Rogue.Gen
Avira	TR/Crypt.XPACK.Gen
Antiy-AVL	Trojan/Win32.Unknown
Arcabit	Trojan.Crypt.61
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	PWS:Win32/Zbot!ml
SentinelOne	Static AI – Malicious PE
AhnLab-V3	Malware/Win32.Generic.C1955701
Acronis	suspicious
McAfee	GenericRXKX-KI!CAB7744D2548
VBA32	BScope.Trojan.Cloxer
Malwarebytes	Malware.Heuristic.1006
APEX	Malicious
Rising	Spyware.Zbot!8.16B (CLOUD)
Yandex	Trojan.Agent!b+q5F6MALgQ
MAX	malware (ai score=100)
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Kryptik.ABC!tr
AVG	Win32:Reveton-Y [Trj]
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Win32/Kryptik.YSN?

Win32/Kryptik.YSN removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X