Generic.Ransom.MedusaLocker.942644D7 removal guide

Generic.Ransom.MedusaLocker.942644D7 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Generic.Ransom.MedusaLocker.942644D7 virus do?

  • At least one process apparently crashed during execution
  • Possible date expiration check, exits too soon after checking local time
  • A process attempted to delay the analysis task.
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • A process created a hidden window
  • Drops a binary and executes it
  • Creates an autorun.inf file
  • Uses Windows utilities for basic functionality
  • Attempts to delete volume shadow copies
  • Modifies boot configuration settings
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Clears Windows events or logs
  • Creates a copy of itself
  • Attempts to disable UAC
  • Attempts to modify UAC prompt behavior
  • Uses suspicious command line tools or Windows utilities

How to identify Generic.Ransom.MedusaLocker.942644D7?


File Info:

crc32: DB75A2C3
md5: 9353a3fa46ce13ea133cfab51c8cbd7a
name: upload_file
sha1: f3e66237577a690ee907deac9ffbf6074a85e7a5
sha256: 8b9bdc5cf5534d377a6201d1803a5aa0915b93c9df524307118fd61f361bdba2
sha512: 255539cb03fe5fc5d87f5bf2fb8742496bbf9fcd1feb07872cb8a62aedb12a9c4d1039cec53bb0b015bd526b1c6adfab1e12182df8a24f7a5a65e06e40616a48
ssdeep: 12288:cPJ4U0TYQivI2qZ7aSgLwkFVpzUvest4ZEbjJLueJVoM7:JzTYVQ2qZ7aSgLwuVfstRJLFYM
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Generic.Ransom.MedusaLocker.942644D7 is also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Ransom.MedusaLocker.942644D7
FireEye: Generic.mg.9353a3fa46ce13ea
McAfee: GenericRXKP-XE!9353A3FA46CE
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
K7AntiVirus: Trojan ( 0055a9531 )
BitDefender: Generic.Ransom.MedusaLocker.942644D7
K7GW: Trojan ( 0055a9531 )
CrowdStrike: win/malicious_confidence_100% (W)
Invincea: heuristic
Symantec: Ransom.Cryptolocker
APEX: Malicious
Kaspersky: Trojan.Win32.DelShad.dax
Alibaba: Trojan:Win32/DelShad.0061ee04
NANO-Antivirus: Trojan.Win32.Filecoder.hjdojw
AegisLab: Trojan.Win32.DelShad.4!c
Tencent: Malware.Win32.Gencirc.10cdcb68
Ad-Aware: Generic.Ransom.MedusaLocker.942644D7
Emsisoft: Generic.Ransom.MedusaLocker.942644D7 (B)
F-Secure: Trojan.TR/DelShad.xrytt
DrWeb: Trojan.DownLoader33.34694
Zillya: Trojan.DelShad.Win32.481
TrendMicro: Ransom.Win32.MEDUSALOCKER.SMTH
Fortinet: W32/Filecoder.NYA!tr.ransom
Sophos: Mal/Generic-S
Ikarus: Trojan-Ransom.Medusalocker
Jiangmin: Trojan.DelShad.vv
Avira: TR/DelShad.xrytt
MAX: malware (ai score=81)
Antiy-AVL: Trojan[Ransom]/Win32.Ako
Arcabit: Generic.Ransom.MedusaLocker.942644D7
ZoneAlarm: Trojan.Win32.DelShad.dax
Microsoft: Ransom:Win32/Ako!MSR
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.RL_Generic.R335910
VBA32: Trojan.DelShad
ALYac: Trojan.Ransom.MedusaLocker
Malwarebytes: Ransom.Medusa
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/Filecoder.MedusaLocker.C
TrendMicro-HouseCall: Ransom.Win32.MEDUSALOCKER.SMTH
Rising: Ransom.Medusa!1.C21A (CLASSIC)
Yandex: Trojan.Filecoder!IKimDDCJuYs
SentinelOne: DFI – Suspicious PE
eGambit: Unsafe.AI_Score_95%
GData: Win32.Trojan-Ransom.Filecoder.BO
BitDefenderTheta: Gen:NN.ZexaF.34144.QuW@aK8T6Ili
AVG: Win32:Trojan-gen
Avast: Win32:Trojan-gen
Qihoo-360: Win32/Trojan.294

How to remove Generic.Ransom.MedusaLocker.942644D7?

Generic.Ransom.MedusaLocker.942644D7 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
