Should I remove “AutoIt:Ransom-L [Trj]”?

AutoIt:Ransom-L [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the AutoIt:Ransom-L [Trj] virus do?

  • Reads data out of its own binary image
  • Attempts to modify desktop wallpaper
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify AutoIt:Ransom-L [Trj]?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

CompiledScript: AutoIt v3 Script: 3, 3, 8, 1
FileVersion: 3, 3, 8, 1
FileDescription:
Translation: 0x0809 0x04b0

AutoIt:Ransom-L [Trj] also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 0055e3ef1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.24597
Cynet: Malicious (score: 85)
CAT-QuickHeal: Program.Wacapew
ALYac: Trojan.GenericKD.45241846
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 0055e3ef1 )
Cybereason: malicious.30996d
Cyren: W32/Autoit.XNSP-2917
Symantec: Ransom.Cryptolocker
ESET-NOD32: a variant of Win32/Filecoder.Crypt888.B
APEX: Malicious
Avast: AutoIt:Ransom-L [Trj]
ClamAV: Win.Malware.Autoit-6992337-0
BitDefender: Trojan.GenericKD.45241846
MicroWorld-eScan: Trojan.GenericKD.45241846
Ad-Aware: Trojan.GenericKD.45241846
Sophos: ML/PE-A
BitDefenderTheta: AI:Packer.4A72867A16
TrendMicro: Ransom.AutoIt.CRYPTEIGHT.SMTH
McAfee-GW-Edition: BehavesLike.Win32.Dropper.bh
FireEye: Generic.mg.86e29f330996d68b
Emsisoft: Trojan.GenericKD.45241846 (B)
Avira: HEUR/AGEN.1110296
Microsoft: Program:Win32/Wacapew.C!ml
GData: Trojan.GenericKD.45241846
AhnLab-V3: Trojan/Win32.FileCoder.R291305
McAfee: Artemis!86E29F330996
MAX: malware (ai score=89)
Malwarebytes: Ransom.Microcop
TrendMicro-HouseCall: Ransom.AutoIt.CRYPTEIGHT.SMTH
Rising: Ransom.Crypt888/Autoit!1.C27B (CLASSIC)
Ikarus: Trojan-Ransom.Crypt888
Fortinet: W32/Filecoder.DYB!tr
AVG: AutoIt:Ransom-L [Trj]
Paloalto: generic.ml
Qihoo-360: HEUR/QVM10.1.DD1B.Malware.Gen

How to remove AutoIt:Ransom-L [Trj]?

AutoIt:Ransom-L [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
