Should I block it?

98%
Yes, 98% block recommendation.
Possible reason:
Multiple malware detections

Relationships

ypvmj.exe

Remove ypvmj.exe
MD5:   3b7a992ae53ebb41dd1e566e4172e9c0
SHA1:   1ef0295638190615081c6051cc1811691a647f53
SHA256:   f09afc177afbc8e2d36a57d105d3f79a70ec2e36701c9759e19d54a009279f11
Warning 45 antivirus scanners has detected malware.

Overview

ypvmj.exe is malware that executes as a process under the SYSTEM account with extensive privileges (the system and the administrator accounts have the same file privileges) typically within the context of its parent sohcimp.exe (Sony Home Network Library by Sony Corporation). It has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. This particular version is usually found on Windows 7 Home Basic (6.1.7601.65536).

DetailsDetails

File name:ypvmj.exe
Typical file path:C:\users\user\appdata\local\temp\ypvmj.exe
Size:35.17 KB (36,010 bytes)
Build date:12/5/2012 4:04 PM
Digital DNA
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Windows firewall allowed program
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Windows\TEMP\gvup.exe'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 45 of them detected the following malware.
Antivirus engineEngine versionDetection
Agnitum 5.5.1.3 TrojanSpy.Keatep!RNVxzBr1G1g
AhnLab V3 Internet Security 2013.10.03 Trojan/Win32.SCKeyLog
Avira AntiVir 7.11.105.176 TR/Dropper.Gen
Antiy Labs AVL 2.0.3.7 Trojan/Win32.Agent
avast! 8.0.1489.320 Win32:Sality-GR
AVG 13.0.0.3169 PSW.Agent.AZSZ
Baidu Antivirus 3.5.1.41473 Worm.Win32.Stealer.30
BitDefender 7.2 Trojan.Crypt.HO
Bkav Security 1.3.0.4246 W32.DropperKeatep.Trojan
CAT Quick Heal 10.13.12.00 TrojanPSW.Agent.aeuw
Commtouch 5.4.1.7 W32/Trojan.AZIR-5555
Comodo Internet Security 17038 TrojWare.Win32.Spy.Keatep.A
Dr.Web 8.13.10.5 Trojan.PWS.Stealer.1630
Emsisoft Anti-Malware 3.0.0.589 Trojan-PSW.Win32.Keatep (A)
ESET NOD32 7.8869 a variant of Win32/Spy.Keatep.A
Fortinet 5.1.147.0 W32/Agent.AEUW!tr.pws
F-Secure 11.0.19100.45 Trojan.Crypt.HO
G Data 13.10.22 Trojan.Crypt.HO
Ikarus T3.1.5.4.0 Trojan-Dropper.Win32.Sality
Jiangmin 16.0.100 Trojan/PSW.Agent.adrz
K7 AntiVirus 9.173.9757 Password-Stealer
K7GW 12.7.0.14 Password-Stealer
Kaspersky 9.0.0.837 Trojan-PSW.Win32.Agent.aeuw
Kingsoft 2013.4.9.267 Win32.Troj.Undef.(kcloud)
Malwarebytes 1.75.0.1 Spyware.Password
McAfee 5.600.1067 RDN/Generic PWS.y!lh
McAfee Gateway Anti-Malware v2013-dat RDN/Generic PWS.y!lh
Microsoft Security Essentials 1.9901.0 TrojanSpy:Win32/Keatep.B
eScan by MicroWorld 12.0.250.0 Trojan.Crypt.HO
NANO AntiVirus 0.26.0.55203 Trojan.Win32.Stealer.bckjbt
Norman 7.02.06 Pramro.C
nProtect 2013-10-02.03 Trojan-PWS/W32.Agent.36010
Panda Antivirus 10.0.3.5 Trj/OCJ.A
PC Tools 9.0.0.2 Downloader.Generic
Rising Antivirus 24.81.06.04 Trojan.Win32.Generic.13AD3A3F
Sophos 4.93.0 Mal/Generic-L
SUPERAntiSpyware 5.6.0.1032 Trojan.Agent/Gen
Symantec 20131.1.5.61 Downloader
The Hacker 6.8.0.5.339 Posible_Worm32
Total Defense 37.0.10498 Win32/Maazben!generic
Trend Micro 9.740.0.1012 TROJ_SPNR.0BL812
Trend Micro HouseCall 9.700.0.1001 TROJ_SPNR.0BL812
Vba32 AntiVirus 3.12.24.3 Trojan.PSW.17107
VIPRE Antivirus 22044 Trojan-PWS.Win32.Agent.aeuw (v)
ViRobot 2011.4.7.4223 Trojan.Win32.A.PSW-Agent.36010.A[UPX]

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00868225%
0.028634%
Kernel CPU:0.00707025%
0.013761%
User CPU:0.00161200%
0.014873%
Kernel CPU time:607,569 ms/min
100,923,805ms/min
Memory
Private memory:13.55 MB
21.59 MB
Private (maximum):10.45 MB
Private (minimum):6.28 MB
Non-paged memory:13.55 MB
21.59 MB
Virtual memory:87.52 MB
140.96 MB
Virtual memory (peak):99 MB
169.69 MB
Working set:7.09 MB
18.61 MB
Working set (peak):10.55 MB
37.95 MB
Resource allocations
Threads:12
12
Handles:308
600
GUI GDI count:9
103
GUI GDI peak:9
142
GUI USER count:5
49
GUI USER peak:6
71

BehaviorsProcess properties

Integrety level:System
Platform:64-bit
Command lines:
  • C:\windows\temp\gvup.exe
  • C:\users\user\appdata\local\temp\ypvmj.exe
Owner:SYSTEM
Parent process:sohcimp.exe (Sony Home Network Library by Sony Corporation)

ResourcesThreads

Averages
 
ypvmj.exe (main module)
Total CPU:8.95574628%
0.272967%
Kernel CPU:6.38290063%
0.107585%
User CPU:2.57284565%
0.165382%
CPU cycles:196,019,152/sec
5,741,424/sec
Context switches:159/sec
79/sec
Memory:496 KB
1.16 MB
ntdll.dll
Total CPU:0.00264244%
Kernel CPU:0.00000000%
User CPU:0.00264244%
CPU cycles:23,916/sec
Memory:1.66 MB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Basic 100.00%

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Sony 100.00%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE