How to remove “Trojan:Win32/Ymacco.AA90”?

Trojan:Win32/Ymacco.AA90 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Ymacco.AA90 virus do?

  • Injection (inter-process)
  • At least one process apparently crashed during execution
  • Injection with CreateRemoteThread in a remote process
  • Uses Windows utilities for basic functionality
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Creates a hidden or system file
  • Harvests information related to installed mail clients

How to identify Trojan:Win32/Ymacco.AA90?


File Info:

crc32: 716489EC
md5: abdac09caa208d2eeb7bd9e968510398
name: tmpfvw7i93u
sha1: 571679d0a835e14b76f1e2c30a58a9f06d3bb6ab
sha256: 90b33a5651f2e3a43b08a10e3a50976d3b1740a13f28a17462edca13520f3a37
sha512: 91842c57a3c231473703577e5fd53cef2f9191e9672af4b314d62bf3f8fef657b5393828f456e232abac68717ead85180c49ad7262b60a8b5020325dca1a4b0f
ssdeep: 1536:Q3eTfNqd7wGHrDxX4Ma0VZyVDeMT4TOjUuydppUmkb7FxJiKWvPe:QgNqfDxX4OV0uOjfApUmkb7FxJLWvPe
type: ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, not stripped

Version Info:

0: [No Data]

Trojan:Win32/Ymacco.AA90 also known as:

Vendor                Detection name
MicroWorld-eScan      Gen:Variant.Trojan.Linux.Gafgyt.5
FireEye               Gen:Variant.Trojan.Linux.Gafgyt.5
ALYac                 Gen:Variant.Trojan.Linux.Gafgyt.5
Sangfor               Malware
BitDefenderTheta      Gen:NN.Mirai.34128
Symantec              Trojan.Gen.NPE
ESET-NOD32            a variant of Linux/Gafgyt.APF
TrendMicro-HouseCall  Backdoor.Linux.BASHLITE.SMJC2
Avast                 ELF:DDoS-Y [Trj]
ClamAV                Unix.Dropper.Mirai-7138865-0
GData                 Gen:Variant.Trojan.Linux.Gafgyt.5
Kaspersky             HEUR:Backdoor.Linux.Gafgyt.a
BitDefender           Gen:Variant.Trojan.Linux.Gafgyt.5
Rising                Trojan.Gafgyt/Linux!1.C12A (CLASSIC)
Ad-Aware              Gen:Variant.Trojan.Linux.Gafgyt.5
Sophos                Mal/Generic-S
Comodo                Malware@#2dcpqv2bmuusi
F-Secure              Malware.LINUX/Gafgyt.wqrrx
DrWeb                 Linux.BackDoor.Fgt.188
TrendMicro            Backdoor.Linux.BASHLITE.SMJC2
McAfee-GW-Edition     RDN/Generic.dx
Emsisoft              Gen:Variant.Trojan.Linux.Gafgyt.5 (B)
Ikarus                Trojan.Linux.Gafgyt
Cyren                 E32/Trojan.WXWD-8
Avira                 LINUX/Gafgyt.wqrrx
Antiy-AVL             Trojan[Backdoor]/Linux.Gafgyt.a
Arcabit               Trojan.Trojan.Linux.Gafgyt.5
AegisLab              Trojan.Linux.Gafgyt.m!c
ZoneAlarm             HEUR:Backdoor.Linux.Gafgyt.a
Avast-Mobile          ELF:DDoS-S [Trj]
Microsoft             Trojan:Win32/Ymacco.AA90
Cynet                 Malicious (score: 85)
AhnLab-V3             Linux/Gafgyt.Gen28
McAfee                RDN/Generic.dx
Tencent               Linux.Backdoor.Gafgyt.Lqow
MAX                   malware (ai score=85)
Fortinet              ELF/Gafgyt.ARN!tr
AVG                   ELF:DDoS-Y [Trj]
Qihoo-360             Linux/Backdoor.812

How to remove Trojan:Win32/Ymacco.AA90?

Trojan:Win32/Ymacco.AA90 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
