About “Barys.57437” infection

The Barys.57437 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Barys.57437 virus can do?

Unconventionial language used in binary resources: Russian

How to determine Barys.57437?


File Info:
crc32: A368250E
md5: 3d9f987fe27c77b5bced967e39e05dec
name: 3D9F987FE27C77B5BCED967E39E05DEC.mlw
sha1: 59f54f39d0b4a3df15a7a5a9465e659a2f68ed3d
sha256: 5375cc18a6ff61fca381d626c50f61c09f752eb919ab21a69845a6b0f3962de1
sha512: 1500172c91e393c79fdd9418c04c11476745769eac6fa728b563df50fd1b522ce4dc0fe591e64502f9cbe73e7f50a2cbba89828f8c757f115066a5300ac8cc30
ssdeep: 768:I3AU2aEDswohCQ5IgBrkTLDGO319jAKfQ175PPtn5uhkaF/BaUBk0kYhstrkvqi:oAtsVlryGi1mhdtkkOdBkFtVe+B
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Barys.57437 also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Barys.57437
FireEye	Generic.mg.3d9f987fe27c77b5
ALYac	Gen:Variant.Barys.57437
Cylance	Unsafe
VIPRE	VirTool.Win32.Obfuscator.hg!b1 (v)
Sangfor	Ransom.Win32.LockScreen.gen!B
BitDefender	Gen:Variant.Barys.57437
K7GW	Trojan ( 0055e4091 )
K7AntiVirus	Trojan ( 0055e4091 )
Cyren	W32/Ransom.F.gen!Eldorado
Symantec	Trojan.Ransomlock
TotalDefense	Win32/RansomLockscreen.AJ
APEX	Malicious
Avast	Win32:Trojan-gen
ClamAV	Win.Trojan.Hmblocker-1160
Kaspersky	HEUR:Trojan.Win32.Generic
Alibaba	Ransom:Win32/LockScreen.5cfd0a54
NANO-Antivirus	Trojan.Win32.HmBlocker.cdpyl
ViRobot	Trojan.Win32.A.HmBlocker.70144.B
AegisLab	Trojan.Win32.HmBlocker.lkxD
Rising	Ransom.HmBlocker!8.2A63 (CLOUD)
Ad-Aware	Gen:Variant.Barys.57437
Emsisoft	Gen:Variant.Barys.57437 (B)
Comodo	TrojWare.Win32.Trojan.Ransom.~B@465pcw
F-Secure	Trojan.TR/Fraud.Gen2
DrWeb	Trojan.Winlock.3079
Zillya	Trojan.HmBlocker.Win32.1391
McAfee-GW-Edition	Ransom-AA
Sophos	Mal/Generic-S
Ikarus	Trojan-Ransom.HmBlocker
Jiangmin	Trojan/HmBlocker.zt
Webroot	W32.Malware.Gen
Avira	TR/Fraud.Gen2
eGambit	Unsafe.AI_Score_99%
MAX	malware (ai score=100)
Antiy-AVL	Trojan[Ransom]/Win32.HmBlocker
Microsoft	Ransom:Win32/LockScreen.gen!B
Arcabit	Trojan.Barys.DE05D
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Gen:Variant.Barys.57437
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.HmBlocker.R2657
McAfee	Ransom-AA
VBA32	Hoax.HmBlocker
Malwarebytes	Generic.Malware/Suspicious
Panda	Trj/Genetic.gen
ESET-NOD32	a variant of Win32/LockScreen.ADX
Tencent	Win32.Trojan.Lockscreen.Lnfb
Yandex	Trojan.GenAsa!y7EoIYLJErk
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.4727971.susgen
Fortinet	W32/HmBlocker.BOS!tr
BitDefenderTheta	AI:Packer.2074F84421
AVG	Win32:Trojan-gen
Cybereason	malicious.fe27c7
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.Generic.HwoCFpsA

How to remove Barys.57437?

Barys.57437 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X