How to remove Yogosojo Spyware from PC?

In this post, I am going to inform you about the indicators of Yogosojo spyware presence, and ways to eliminate Yogosojo spyware virus from your PC.

GridinSoft Anti-Malware
Editor's choice
GridinSoft Anti-Malware
Manual Yogosojo removal might be a lengthy and complicated process that requires expert skills. GridinSoft Anti-Malware is a professional antivirus tool that is recommended to get rid of this Yogosojo spyware trojan.
By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for GridinSoft Anti-Malware. 6 days free trial available.

Describing Yogosojo spyware

Yogosojo TrojanSpy as the computer virus is not a solitary application, but a part of considerably more expansive as well as tricky malware – trojan-stealer. It’s a kind of trojan, which is targeted on your individual data, and accumulates really whatever relating to you as well as your personal computer. Generally, stealers have keylogger functions1, which allow them to catch your keystrokes. Besides that, Yogosojo virus can collect your cookie files, your contact number, location; it also can steal all your passwords from the keychain inside of the browser.

Name Yogosojo
Infection Type Spyware
  • Unconventionial binary language: Chinese (Simplified);
  • Unconventionial language used in binary resources: Chinese (Simplified);
  • The binary contains an unknown PE section name indicative of packing;
  • The binary likely contains encrypted or compressed data.;
  • The executable is compressed using UPX;
  • Authenticode signature is invalid;
  • Yara rule detections observed from a process memory dump/dropped files/CAPE;
Similar behavior Malintent, MeiSpy, Lydra
Fix Tool

See If Your System Has Been Affected by Yogosojo spyware

However, the big share of Yogosojo spy are hunting for your banking information: card number, security codes and expiration date. In case if you use online banking, the Yogosojo stealer virus is able to endanger your login and password, so the criminals will certainly get access to your account. A wide range of corporation information may also be a thing of interest of Yogosojo virus distributors, and in case of big companies such information leak might cause tragic effects.

Statistics of spyware activity in 2020
TrojanSpy activity in 2020, compared to backdoor viruses activity

The main dealing manners of Yogosojo spyware are similar to other trojans. Nowadays, most of such apps are spread out via e-mail attachments. These additions (. docx,. pdf files) include infected macroses, which are used by Yogosojo spy to contaminate your system. Often, these mails contain web links to the phishing duplicates of official websites, like Facebook, Twitter, LinkedIn or so.

Rating of different spyware activity

Most popular spyware in 20202

It’s important to mention that there is a separate category of spyware – for Android operating system. Such applications have similar functionalities as the PC version does, but mobile virus is distributed as a legal program for checking the spouse’s or children’s geographic location. Nonetheless, besides swiping various private information, it can additionally demonstrate you a entirely inaccurate place of the phone you are trying to track. Such scenarios might trigger quarrels out of the blue.

How can I understand that my computer is infected with Yogosojo spyware?

Yogosojo spy is a pretty stealth malware, because its efficiency depends upon how long it will function before being tracked. So, Yogosojo spyware producers made everything to make their program presence as imperceptible as feasible. Of course, you will discover that your accounts in social networks are swiped, as well as funds from your bank account is flowing away, however it is far too late.

Yogosojo also known as

Bkav W32.AIDetectMalware
Lionic Hacktool.Win32.Krap.mgDs
Elastic malicious (moderate confidence)
MicroWorld-eScan Gen:Variant.Doina.11726
CAT-QuickHeal TrojanSpy.Yogosojo.A.mue
McAfee Packed-FJ!3749D1A9E259
VIPRE Gen:Variant.Doina.11726
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_90% (W)
Alibaba TrojanSpy:Win32/Yogosojo.5a19c22c
K7GW Trojan ( 0011f3561 )
K7AntiVirus Trojan ( 0011f3561 )
Baidu Win32.Trojan.Agent.ata
Cyren W32/S-97774107!Eldorado
Symantec ML.Attribute.HighConfidence
tehtris Generic.Malware
ESET-NOD32 a variant of Win32/Agent.XKJ
APEX Malicious
Cynet Malicious (score: 100)
Kaspersky Packed.Win32.Krap.jd
BitDefender Gen:Variant.Doina.11726
Avast Win32:Evo-gen [Trj]
Tencent Win32.Packed.Krap.Bdhl
Emsisoft Gen:Variant.Doina.11726 (B)
F-Secure Trojan.TR/Agent.murhs
DrWeb Trojan.Siggen6.45268
Zillya Trojan.KillFilesGen.Win32.2
TrendMicro TROJ_GEN.R002C0DGA23
McAfee-GW-Edition BehavesLike.Win32.PUPXAX.dc
Trapmine malicious.high.ml.score
FireEye Generic.mg.3749d1a9e259895c
Sophos Mal/Generic-S
SentinelOne Static AI – Suspicious PE
GData Gen:Variant.Doina.11726
Jiangmin Packed.Krap.fxnu
Avira TR/Agent.murhs
Antiy-AVL Trojan[Packed]/Win32.Krap.jd
Arcabit Trojan.Doina.D2DCE
ViRobot Trojan.Win.Z.Krap.237056.AJ
ZoneAlarm Packed.Win32.Krap.jd
Microsoft TrojanSpy:Win32/Yogosojo.A
Google Detected
AhnLab-V3 Trojan/Win32.Agent.R147539
BitDefenderTheta AI:Packer.F508CE3226
ALYac Gen:Variant.Doina.11726
MAX malware (ai score=87)
VBA32 TrojanSpy.Yogosojo
Cylance unsafe
Panda Trj/Genetic.gen
TrendMicro-HouseCall TROJ_GEN.R002C0DGA23
Rising Trojan.Agent!8.B1E (TFE:5:vOU6SearnHQ)
Ikarus Packed.Win32.Krap
MaxSecure Packed.Krap.JD
Fortinet W32/Generic.AC.F8832!tr
AVG Win32:Evo-gen [Trj]
Cybereason malicious.9e2598
DeepInstinct MALICIOUS

Domains that associated with Yogosojo:

What are the symptoms of Yogosojo trojan?

  • Unconventionial binary language: Chinese (Simplified);
  • Unconventionial language used in binary resources: Chinese (Simplified);
  • The binary contains an unknown PE section name indicative of packing;
  • The binary likely contains encrypted or compressed data.;
  • The executable is compressed using UPX;
  • Authenticode signature is invalid;
  • Yara rule detections observed from a process memory dump/dropped files/CAPE;

To avoid infiltration of Yogosojo spyware, stay away from launching any kind of additions to the e-mails from suspicious addresses. Nowadays, during quarantine, email-distributed malware becomes far more active. Users (especially ones who began ordering everything on online-marketplaces) do not pay attention to the odd e-mail addresses, and open all the things that reaches their e-mail. And Yogosojo stealer is right in it.

How to remove Yogosojo spyware?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You can try to do it manually, however, like any other trojan, Yogosojo TrojanSpy puts into effect the modifications really deep within the system. Thus, it’s very difficult to find all these alterations, and even more challenging to clean them out. To deal with this hazardous malware totally, I can advise you to use GridinSoft Anti-Malware.


To detect and erase all malicious programs on your computer with GridinSoft Anti-Malware, it’s better to utilize Standard or Full scan. Quick Scan is not able to find all viruses, because it checks only the most popular registry entries and folders.

Scan types in Gridinsoft Anti-Malware

You can observe the detected malicious items sorted by their possible hazard during the scan process. But to perform any actions against malware, you need to hold on until the scan is over, or to stop the scan.

GridinSoft Anti-Malware during the scan

To choose the action for each detected virus or unwanted program, click the arrow in front of the name of detected malicious app. By default, all the viruses will be moved to quarantine.

List of detected malware after the scan

How to remove Yogosojo Spyware?

Name: Yogosojo

Description: Yogosojo TrojanSpy is classified as a type of malware — malicious software designed to gain access to or damage your computer, often without your knowledge. The Yogosojo gathers your personal information and relays it to advertisers, data firms, or external users. The Yogosojo can install additional software and change the security settings on your PC.

Operating System: Windows

Application Category: Spyware

User Review
4.2 (10 votes)
Comments Rating 0 (0 reviews)
  1. What is Spyware: https://en.wikipedia.org/wiki/Spyware
  2. ESET quaterly report: ESET_Threat_Report_Q22020.pdf

William Reddy

I am from Ireland. My parents bought me a computer when I was 11, and several month after I have got a virus on this PC. I decided to enter the INSA Centre Val de Loire university after being graduated from the school. This French educational institution was offering a brand-new cybersecurity course. After getting the master degree in cybersecurity, I've started working in as virus analyst in a little anti-malware vendor. In 2018, I've decided to start Virus Removal project. The main target of this site is to help people to deal with PC viruses of any kind.

Leave a Reply

Your email address will not be published. Required fields are marked *


Back to top button