Win32/TrojanDownloader.Agent.FYS removal

The Win32/TrojanDownloader.Agent.FYS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/TrojanDownloader.Agent.FYS virus can do?

Authenticode signature is invalid
Anomalous binary characteristics

How to determine Win32/TrojanDownloader.Agent.FYS?


File Info:
name: C0AA2D60C64E162385A7.mlw
path: /opt/CAPEv2/storage/binaries/45f90aec18e5da7528e001553b9ab3bf56f27e29ac2e566dfb5bbd394d833551
crc32: 5B4E28E6
md5: c0aa2d60c64e162385a79a790ec14d70
sha1: 5ed259c3fe47da4f91cd21bf4b90a5aa06d5855a
sha256: 45f90aec18e5da7528e001553b9ab3bf56f27e29ac2e566dfb5bbd394d833551
sha512: 636665b759d1a9887aa21cbcbd421f87eddc3c932278a28d14b74aa6229d6f09d248daa0ce70ed53e6784d2ee912a0e8464f96488f61ee1a1310241211c791c7
ssdeep: 384:YcH+z4ILXYuoZMq1rLbClcUSsBGb+LbtZz5RlAfaxl1TKRq+aGn4dYOKWSkCoCDQ:x+AugrSlcnSGbUR2aBUb4yOKMnGeES
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T138E27C13F4E280B3CD9640B544261A2BEBBBEE11572CDDC387977A466D313D0923F296
sha3_384: 64815b2fb3b705d6b4882d0103a9a6a5fc83425513c3c50bdf9383ff6204ebe7454c8e49fade757ab84ad234f0ee465e
ep_bytes: e840250000e940feffff6a0c6818f040
timestamp: 2021-10-30 07:38:20

Version Info:
0: [No Data]

Win32/TrojanDownloader.Agent.FYS also known as:

Lionic	Trojan.Win32.Generic.4!c
McAfee	GenericRXRD-GY!C0AA2D60C64E
Sangfor	Trojan.Win32.Wacatac.B
CrowdStrike	win/malicious_confidence_70% (W)
Alibaba	TrojanDownloader:Win32/Generic.d48afc4e
Cyren	W32/Mokes.G.gen!Eldorado
ESET-NOD32	Win32/TrojanDownloader.Agent.FYS
APEX	Malicious
BitDefender	Trojan.GenericKD.38908251
MicroWorld-eScan	Trojan.GenericKD.38908251
Rising	Downloader.Agent!8.B23 (CLOUD)
Ad-Aware	Trojan.GenericKD.38908251
DrWeb	Trojan.Siggen15.32772
McAfee-GW-Edition	GenericRXRD-GY!C0AA2D60C64E
Trapmine	malicious.moderate.ml.score
FireEye	Trojan.GenericKD.38908251
Emsisoft	Trojan.GenericKD.38908251 (B)
Ikarus	Trojan.Agent
GData	Trojan.GenericKD.38908251
Jiangmin	Backdoor.Mokes.erv
MAX	malware (ai score=89)
Arcabit	Trojan.Generic.D251B15B
Microsoft	Program:Win32/Wacapew.C!ml
ALYac	Trojan.GenericKD.38908251
TrendMicro-HouseCall	TROJ_GEN.R067H06LK21
Tencent	Win32.Trojan-downloader.Agent.Sxeg
Fortinet	W32/Agent.FYS!tr.dldr
MaxSecure	Trojan.Malware.140117056.susgen

How to remove Win32/TrojanDownloader.Agent.FYS?

Win32/TrojanDownloader.Agent.FYS removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X