Ransom:MSIL/Yodaware.C removal tips

Ransom:MSIL/Yodaware.C is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Ransom:MSIL/Yodaware.C virus do?

  • Network activity detected but not expressed in API logs

How to identify Ransom:MSIL/Yodaware.C?

File Info:

type: PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2021
Assembly Version: 1.0.0.0
InternalName: ap.exe
FileVersion: 1.0.0.0
CompanyName: ap
LegalTrademarks:
Comments:
ProductName: ap
ProductVersion: 1.0.0.0
FileDescription: ap
OriginalFilename: ap.exe

Ransom:MSIL/Yodaware.C also known as:

Lionic: Trojan.MSIL.Crypt.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.MulDrop18.36578
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_60% (W)
Alibaba: Ransom:MSIL/Yodaware.99da4644
K7GW: Riskware ( 0040eff71 )
Symantec: Trojan.Apostrius
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: HEUR:Trojan.MSIL.Crypt.gen
BitDefender: Trojan.GenericKD.37493975
MicroWorld-eScan: Trojan.GenericKD.37493975
Tencent: Msil.Trojan.Crypt.Sxys
Ad-Aware: Trojan.GenericKD.37493975
Sophos: Mal/Generic-S
BitDefenderTheta: Gen:NN.ZemsilF.34110.pm0@aG3cAdh
McAfee-GW-Edition: Artemis!Trojan
FireEye: Generic.mg.5e5e526a69490399
Emsisoft: Trojan.GenericKD.37493975 (B)
SentinelOne: Static AI – Suspicious PE
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Ransom:MSIL/Yodaware.C
ZoneAlarm: HEUR:Trojan.MSIL.Crypt.gen
GData: Win32.Trojan.Agent.K1KG69
McAfee: Artemis!5E5E526A6949
MAX: malware (ai score=81)
Panda: Trj/GdSda.A
Rising: Trojan.AntiVM!1.CF63 (CLASSIC)
Ikarus: Ransom.MSIL.Yodaware
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Crypt!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Ransom:MSIL/Yodaware.C?

Ransom:MSIL/Yodaware.C removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.