Aliases: Trojan!0e41,Trojan.Win32.Yinker, Trojan.Yinker.a, Trojan:Win32/Yinker
Variants: Trojan.Win32.Yinker, Trojan:Win32/Yinker, TR/Yinker.A

Classification: Malware
Category: Trojan Horse

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 20 Feb 2003
Damage: Low

Characteristics: The W32/Yinker.Trojan program is a Trojan horse that creates a new user name (Yinker) and adds this user name to the Administrator group in Windows NT4.0/2000/XP. The Trojan affects windows operating system such as Windows 2000, Windows XP, and Windows NT.

More details about W32.Yinker.Trojan

W32/Yinker.Trojan is a trojan that propagates by copying its code to mapped, fixed and removable media drives on the computer. It can also steal data and download malicious code. The worm can be downloaded from compromised sites. Once W32.Wowinzi.A is executed on your system, the trojan creates the user, "Yinker," and adds it to the Administrators group. The trojan also creates the registry entry to run the virus every time Windows starts. W32.Yinker.Trojan as well stops and restarts the Telnet service.

Apart from opening a backdoor on the user’s machine, the W32/Yinker.Trojan software is also capable of distributing threats to other computers. The propagation of threats may be done through the applications that are already installed on the user’s machine. This include P2P (peer-to-peer) file sharing programs and instant messaging applications. An infected system that is connected to other computers through a single network may easily be infiltrated by the Trojan software.