Should I remove "Trojan:Win32/Ymacco.AAF2"?

The Trojan:Win32/Ymacco.AAF2 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan:Win32/Ymacco.AAF2 virus can do?

HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Looks up the external IP address
Attempts to remove evidence of file being downloaded from the Internet
A process attempted to delay the analysis task by a long amount of time.
Network activity contains more than one unique useragent.
Attempts to modify proxy settings
Operates on local firewall’s policies and settings
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

mta6.am0.yahoodns.net

icanhazip.com

How to determine Trojan:Win32/Ymacco.AAF2?


File Info:
crc32: EB15202A
md5: 12280af4e3c41c936b2f06c2f6f70392
name: tmpl00m23rn
sha1: 4882fa7c6fa84fbe0fe245a79dd7aba40a52b8ad
sha256: f2e60b032ad3f5a75821d22aa29e6add71e5ac4f5811fe1ab8a7d4f89ef81a3d
sha512: 91f5c01bda90a4af68203db518148affcbfefbd7450f94beecf006a88ae407dea5d06732ae299d3d61ab07ea02bd572487882d79181f3f1c2c5a2593f2d5ff2a
ssdeep: 384:S+vIT7v23FFnMdQlD/z2SSiQa1D8HB9Tme:S+KQ5SWVDABpme
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Trojan:Win32/Ymacco.AAF2 also known as:

MicroWorld-eScan	Generic.Malware.M!Yd.7EFA1BDD
FireEye	Generic.mg.12280af4e3c41c93
CAT-QuickHeal	Trojan.Multi
Qihoo-360	Win32/Trojan.BO.651
ALYac	Trojan.Agent.Phorpiex
Cylance	Unsafe
Sangfor	Malware
K7AntiVirus	Trojan ( 00556fe51 )
Alibaba	TrojanDownloader:Win32/Bitmin.0772d3a5
K7GW	Trojan ( 00556fe51 )
Cybereason	malicious.c6fa84
Arcabit	Generic.Malware.M!Yd.7EFA1BDD
Invincea	heuristic
BitDefenderTheta	Gen:NN.ZexaF.34128.cuY@aGybbCfi
Cyren	W32/Trojan.DVXM-5422
Symantec	Trojan Horse
APEX	Malicious
Avast	Win32:BotX-gen [Trj]
Kaspersky	Trojan-Downloader.Win32.Bitmin.yfq
BitDefender	Generic.Malware.M!Yd.7EFA1BDD
Paloalto	generic.ml
AegisLab	Trojan.Multi.Generic.4!c
Rising	Worm.Phorpiex!8.48D (CLOUD)
Endgame	malicious (high confidence)
Emsisoft	Generic.Malware.M!Yd.7EFA1BDD (B)
Comodo	Malware@#17zfeajclv6x0
F-Secure	Trojan.TR/AD.Phorpiex.hiflh
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Worm.Win32.PHORPIEX.AND
McAfee-GW-Edition	BehavesLike.Win32.Generic.nm
Sophos	Mal/Generic-S
SentinelOne	DFI – Malicious PE
Avira	TR/AD.Phorpiex.hiflh
MAX	malware (ai score=100)
Antiy-AVL	Trojan[Downloader]/Win32.Bitmin
Microsoft	Trojan:Win32/Ymacco.AAF2
ZoneAlarm	Trojan-Downloader.Win32.Bitmin.yfq
GData	Generic.Malware.M!Yd.7EFA1BDD
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win32.RL_Generic.R296251
Acronis	suspicious
McAfee	GenericRXKR-FV!12280AF4E3C4
VBA32	suspected of Trojan.Downloader.gen.h
Malwarebytes	Trojan.Phorpiex
ESET-NOD32	a variant of Win32/Phorpiex.W
TrendMicro-HouseCall	Worm.Win32.PHORPIEX.AND
Tencent	Win32.Trojan-downloader.Bitmin.Dumi
Yandex	Worm.Phorpiex!rH6iJtqBbVE
Ikarus	Worm.Win32.Phorpiex
eGambit	Unsafe.AI_Score_98%
Fortinet	W32/Phorpiex.W!tr
Ad-Aware	Generic.Malware.M!Yd.7EFA1BDD
AVG	Win32:BotX-gen [Trj]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Trojan:Win32/Ymacco.AAF2?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Should I remove “Trojan:Win32/Ymacco.AAF2”?