Ransom.GandCrab.1922 removal instruction

Malware Removal

The Ransom.GandCrab.1922 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Ransom.GandCrab.1922 virus can do?

  • Starts servers listening on 127.0.0.1:0, 127.0.0.1:8090

Related domains:

z.whorecord.xyz
a.tomx.xyz
dataexpedition.com

How to determine Ransom.GandCrab.1922?


File Info:

crc32: 8A7CA61F
md5: 8dd41bc55fd25d723fccab944d9a2b7b
name: 8DD41BC55FD25D723FCCAB944D9A2B7B.mlw
sha1: 42ac71bf069a386a5c9a72fe2079ea052d282808
sha256: b796f92bf75d8c4d8c35326ca3f968e262c78ec6cefc15192e96d784e210da0c
sha512: 4d4a55b5754cd488c38eba65dc5adcf2b212c31d8cf81d738521dcd33eebb4376f9a2ed3a13deb861592f4cb32b77c19390c85d1e8ce294fd00e9319757916b2
ssdeep: 24576:34gEp9feNYV18F1SJrLcO2afjyif+ZoaP9TjE+/WD:3y788k4ryif+WoTj+
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2021 Data Expedition, Inc.
InternalName: ExpeDat Desktop
FileVersion: 1.19.2.0
CompanyName: Data Expedition, Inc.
LegalTrademarks: 'ExpeDat', and 'MTP' are trademarks of Data Expedition, Inc. 'Data Expedition, Inc.', 'Multipurpose Transaction Protocol', and 'DEI' are trademarks of Data Expedition, Inc. and are registered with the USPTO.
Comments: https://www.DataExpedition.com/
ProductName: ExpeDat
ProductVersion: 1.19C
FileDescription: ExpeDat Graphical Client
LegalPatents: U.S. Patent Numbers 7158479, 7313627, 7404003, and 7630315
OriginalFilename: ExpeDat Desktop.exe
Translation: 0x0409 0x04b0

Ransom.GandCrab.1922 also known as:

ALYacGen:Variant.Ransom.GandCrab.1922
Cybereasonmalicious.55fd25
AvastFileRepMalware
BitDefenderGen:Variant.Ransom.GandCrab.1922
MicroWorld-eScanGen:Variant.Ransom.GandCrab.1922
Ad-AwareGen:Variant.Ransom.GandCrab.1922
McAfee-GW-EditionArtemis
FireEyeGen:Variant.Ransom.GandCrab.1922
EmsisoftGen:Variant.Ransom.GandCrab.1922 (B)
MicrosoftProgram:Win32/Wacapew.C!ml
GDataGen:Variant.Ransom.GandCrab.1922
McAfeeArtemis!8DD41BC55FD2
MAXmalware (ai score=81)
AVGFileRepMalware
Qihoo-360Win32/Trojan.Generic.HgIASZoA

How to remove Ransom.GandCrab.1922?

Ransom.GandCrab.1922 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment