How to remove “Program:Win32/Ymacco.AADF”?

Program:Win32/Ymacco.AADF is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Program:Win32/Ymacco.AADF virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Performs some HTTP requests

Related domains:

stat.offerbox.io

How to identify Program:Win32/Ymacco.AADF?

File Info:

crc32: 6700D3C2
md5: 38224c1bb2ed5646c6579279f74bd540
name: igra_zagadki_volshebnaya_istorya.exe
sha1: dbfbaa4c8d40c7a7a2eadefab6fd9e0803270557
sha256: 324b35c810297508bbf34b17d2eb60ba0f20759a926dc2c8cfa883396581b28b
sha512: c97b9fe2078fc6a4470b749d759c6044bb7c16f21f548f846c1fdff7d77cb958101f96b732bf478e18998df36d175a68e59c0e8aaedea624adb90d4833696f06
ssdeep: 98304:8n7d8N0nLEYRU7urM3dLL8xRRoaboKxur/PcspSL4PwEk:DiVU7r5QFJxur/Vy4Y/
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion:
CompanyName: Offerbox
Comments: This installation was built with Inno Setup.
ProductName: igra_zagadki_volshebnaya_istorya
ProductVersion: 0.0.0.1
FileDescription: igra_zagadki_volshebnaya_istorya Setup
Translation: 0x0000 0x04b0

Program:Win32/Ymacco.AADF also known as:

FireEye: Generic.mg.38224c1bb2ed5646
McAfee: Artemis!38224C1BB2ED
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Symantec: SMG.Heur!gen
APEX: Malicious
Kaspersky: not-a-virus:HEUR:Downloader.Win32.OfferInstall.gen
AegisLab: Riskware.Win32.OfferInstall.1!c
Comodo: Application.Win32.Appster.CB@7yjsvh
F-Secure: Heuristic.HEUR/AGEN.1109570
DrWeb: Program.Appset.14
Invincea: heuristic
Trapmine: suspicious.low.ml.score
Emsisoft: Application.AdOffer (A)
Webroot: W32.Adware.Gen
Avira: HEUR/AGEN.1109570
Antiy-AVL: GrayWare[AdWare]/Win32.Appster.a
Endgame: malicious (high confidence)
ZoneAlarm: not-a-virus:HEUR:Downloader.Win32.OfferInstall.gen
Microsoft: Program:Win32/Ymacco.AADF
Cynet: Malicious (score: 85)
AhnLab-V3: PUP/Win32.OfferInstaller.R249693
Malwarebytes: PUP.Optional.BundleInstaller
Panda: Trj/CI.A
ESET-NOD32: a variant of Win32/Appster.D potentially unwanted
Yandex: PUA.Downloader!
Fortinet: Riskware/OfferInstall
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
Qihoo-360: Win32/Virus.Downloader.b0e

How to remove Program:Win32/Ymacco.AADF?

Program:Win32/Ymacco.AADF removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.