Linux/TrojanDownloader.SH.YF removal tips

The Linux/TrojanDownloader.SH.YF is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Linux/TrojanDownloader.SH.YF virus can do?

• Injection (inter-process)
• Injection with CreateRemoteThread in a remote process
• Uses Windows utilities for basic functionality
• Attempts to repeatedly call a single API many times in order to delay analysis time
• A potential decoy document was displayed to the user
• Network activity detected but not expressed in API logs

Related domains:

How to determine Linux/TrojanDownloader.SH.YF?

File Info:
crc32: A8D2E60A
md5: 7662734892e929994c6cfd8acc5a46fe
name: tmpwcw_lzc5
sha1: e4a03ce5be76f1108ab190d8be063b26847b99c2
sha256: 761fe74737bc6802f59d7664e86acada55d65987b9299e833a669a962a7c465a
sha512: 0b093fdc0d437124db99c3d3d0e4b4b987c8c73d43dd7dec65ee0c11066bf11b3ae72284d7758652c3d5c15ba252e476265b2cde712b3585038d45c85e9d1da5
ssdeep: 96:9179c959I8THzHTUeaPItt8E3jA4DS35E:/8THzHT7tiEE4eS
type: Bourne-Again shell script, ASCII text executable, with very long lines

Version Info:
0: [No Data]

Linux/TrojanDownloader.SH.YF also known as:

How to remove Linux/TrojanDownloader.SH.YF?

• Download and install GridinSoft Anti-Malware.
• Open GridinSoft Anti-Malware and perform a “Standard scan“.
• “Move to quarantine” all items.
• Open “Tools” tab – Press “Reset Browser Settings“.
• Select proper browser and options – Click “Reset”.
• Restart your computer.