About "Trojan.Agent.CYMY" infection

The Trojan.Agent.CYMY is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Agent.CYMY virus can do?

Executable code extraction
Creates RWX memory
A process created a hidden window
Uses Windows utilities for basic functionality
Installs itself for autorun at Windows startup
Attempts to identify installed AV products by registry key
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Trojan.Agent.CYMY?


File Info:
crc32: 941C6CE1
md5: 425e0be80c2029edadb113ae3ca29f18
name: 425E0BE80C2029EDADB113AE3CA29F18.mlw
sha1: cc14d999d2b2f52570861e9c0fbf946e36febbf4
sha256: 2166639f66a691c2e107445e3fda1e1dbbc93718f43b0f2709df5a80086282f4
sha512: 8452e5d063b649c2f9c5bed3adb0ed1545111dfda1e5c1ddfc5b2bf23c0503ab94c1496d15389ce33b3debd418e8369cd7d7bda19244ccaa1ac5def51b9ec766
ssdeep: 6144:PRxEEKVe9rtMuaD/LaHrtpoShl+bPYjtaZqOUW7+Ezi022v1ZBTyLT233q7UmTl:519sLQwShoscPJewtZ9yW330KZNR
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: (C)Qihu 360 Software Co., Ltd. All rights reserved.
InternalName: 360TSLiveUpd.exe
FileVersion: 9,0,0,1000
CompanyName: QIHU 360 SOFTWARE CO. LIMITED
ProductName: 360 Total Security
ProductVersion: 9,0,0,1000
FileDescription: 360 ipdate Module
OriginalFilename: TSLiveUpd.exe
Translation: 0x0409 0x04b0

Trojan.Agent.CYMY also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 0052f4861 )
Lionic	Trojan.Win32.Yakes.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen7.52148
Cynet	Malicious (score: 100)
ALYac	Trojan.Agent.CYMY
Cylance	Unsafe
Zillya	Trojan.Yakes.Win32.68452
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_80% (D)
K7GW	Trojan ( 0052f4861 )
Cybereason	malicious.80c202
Symantec	Packed.Generic.459
ESET-NOD32	a variant of Win32/Kryptik.GGFU
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Malware.Cype-7077783-0
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Trojan.Agent.CYMY
NANO-Antivirus	Trojan.Win32.Yakes.fawjmv
MicroWorld-eScan	Trojan.Agent.CYMY
Tencent	Malware.Win32.Gencirc.10c8ba2e
Ad-Aware	Trojan.Agent.CYMY
Sophos	Mal/Generic-S
Comodo	TrojWare.Win32.Yakes.FN@7ngy6d
BitDefenderTheta	Gen:NN.ZexaF.34294.Lq0@aWg5OBhi
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TrojanSpy.Win32.TRICKBOT.SMB.hp
McAfee-GW-Edition	BehavesLike.Win32.Ransomware.jh
FireEye	Generic.mg.425e0be80c2029ed
Emsisoft	Trojan.Agent.CYMY (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Yakes.zox
Webroot	W32.Rogue.Gen
Avira	HEUR/AGEN.1109183
Antiy-AVL	Trojan/Generic.ASMalwS.25EE965
Microsoft	TrojanDropper:Win32/Bunitu.G
GData	Trojan.Agent.CYMY
TACHYON	Trojan/W32.Agent.622080.DC
AhnLab-V3	Malware/Win32.Generic.R249169
Acronis	suspicious
McAfee	Packed-FEE!425E0BE80C20
MAX	malware (ai score=99)
VBA32	BScope.Trojan.Yakes
Malwarebytes	Malware.AI.4031647231
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TrojanSpy.Win32.TRICKBOT.SMB.hp
Rising	Ransom.Locky!1.AE2E (CLASSIC)
Yandex	Trojan.Yakes!KD+BXs/Z8S8
Ikarus	Trojan.Win32.Crypt
MaxSecure	Trojan.Malware.7164915.susgen
Fortinet	W32/Kryptik.GWSH!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Trojan.Agent.CYMY?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About “Trojan.Agent.CYMY” infection