Should I remove “Trojan:Win32/Ymacco.AB90”?

The Trojan:Win32/Ymacco.AB90 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Ymacco.AB90 virus can do?

Reads data out of its own binary image
A process created a hidden window
Drops a binary and executes it
Uses Windows utilities for basic functionality

How to determine Trojan:Win32/Ymacco.AB90?


File Info:
crc32: CD4CCDEF
md5: a6b605c4fa1ab6361219008c6174f15c
name: A6B605C4FA1AB6361219008C6174F15C.mlw
sha1: 474ed56ba18bfc91debf3e38e793d025c3d92e1c
sha256: 90a286ac5b49100aeb8038af277dbabc3853e6fe5557c19d5a64885f015596b1
sha512: bb6d40ab9c251a5afe5c7a0b1e9e971f105171382cf03438501923ce05fe732cbb1a701c2330478f3b0d367da8133ee6924c265531b0b87753ba0a0eda2a0058
ssdeep: 24576:l1qUutnXwk581ZLc+qvDlyaqaM/xN8yTJLrKif8wpEeTi+QQY+3fiZQyDD:l1qUu1Xwk5kQncaHqNRNfRThQZ+P6PDD
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright xa9 2005-2016 Oleg N. Scherbakov
InternalName: 7ZSfxMod
FileVersion: 1.7.0.3900
CompanyName: Oleg N. Scherbakov
PrivateBuild: April 1, 2016
ProductName: 7-Zip SFX
ProductVersion: 1.7.0.3900
FileDescription: 7z Setup SFX (x86)
OriginalFilename: 7ZSfxMod_x86.exe
Translation: 0x0000 0x04b0

Trojan:Win32/Ymacco.AB90 also known as:

Bkav	W32.AIDetect.malware2
DrWeb	Trojan.PWS.Stealer.30310
ALYac	Trojan.GenericKD.46116103
Cylance	Unsafe
Sangfor	Trojan.Win32.Wacatac.B
Alibaba	Trojan:Win32/Bingoml.070077b5
K7GW	Trojan ( 0057a8c81 )
K7AntiVirus	Trojan ( 0057a8c81 )
Cyren	W32/Trojan.KGIF-8178
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	Win32/Agent.ACXU
Avast	Win32:Trojan-gen
Kaspersky	Trojan.Win32.Bingoml.brvf
BitDefender	Trojan.GenericKD.46116103
MicroWorld-eScan	Trojan.GenericKD.46116103
Ad-Aware	Trojan.GenericKD.46116103
Sophos	Mal/Generic-S
Comodo	Malware@#3vhfic9k85gx3
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Dropper.tc
FireEye	Trojan.GenericKD.46116103
Emsisoft	Trojan.GenericKD.46116103 (B)
Webroot	Pua.Opencandy
Kingsoft	Win32.Troj.Bingoml.br.(kcloud)
Microsoft	Trojan:Win32/Ymacco.AB90
Arcabit	Trojan.Generic.D2BFAD07
AegisLab	Trojan.Win32.Bingoml.4!c
ZoneAlarm	Trojan.Win32.Bingoml.brvf
GData	Trojan.GenericKD.46116103
McAfee	Artemis!A6B605C4FA1A
MAX	malware (ai score=83)
VBA32	Trojan.Bingoml
Malwarebytes	Trojan.Dropper.Generic
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002C0WDL21
Rising	Trojan.HiddenRun/SFX!1.D52F (CLASSIC)
Yandex	Trojan.Bingoml!jBbzQfF8+jY
Fortinet	W32/Agent.ACXU!tr
AVG	Win32:Trojan-gen

How to remove Trojan:Win32/Ymacco.AB90?

Trojan:Win32/Ymacco.AB90 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X