Should I remove "Ransom.Troldesh"?

The Ransom.Troldesh is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

What Ransom.Troldesh virus can do?

Executable code extraction
Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
Reads data out of its own binary image
A process created a hidden window
The binary likely contains encrypted or compressed data.
Executed a process and injected code into it, probably while unpacking
Installs itself for autorun at Windows startup
Collects information about installed applications
Creates a hidden or system file
Creates a copy of itself
Anomalous binary characteristics

How to determine Ransom.Troldesh?


File Info:
crc32: 720746EF
md5: e99a6653e12d6b676a8984380b387a15
name: 2c.jpg
sha1: 3c17b6a7e1f0d3be71cfa185d8866f7caccbeb46
sha256: 6556303d76c57a172c38ce49630acbceb6b5fb9f033a9ff0c3d1ad5668269c32
sha512: e908819771ba6eabb61433c65763593eb941554f677784657f4409cc51c7c342542e02bc2fe54caff9e3f3044ea993d29abfef499723a68222ed37cba1227941
ssdeep: 24576:zroIU88zqtrXk/VVDJAjqQDFp/a10tYXob:zrH58mtr0Z0dhpWqb
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
FileOldVersion: 1.0.4.4
ProductVersion: 1.7.6
Copyrighd: Copyrighd (C) 2020, odfgbiv
InternalNameTwo: gjtrrh.exe
Translation: 0x0841 0x04c4

Ransom.Troldesh also known as:

DrWeb	Trojan.Encoder.858
MicroWorld-eScan	Trojan.GenericKD.32727374
FireEye	Generic.mg.e99a6653e12d6b67
CAT-QuickHeal	Ransom.Troldesh
McAfee	Ransomware-GRA!E99A6653E12D
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Riskware.Win32.TorTool.1!c
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Trojan.GenericKD.32727374
K7GW	Trojan ( 0055bbd91 )
K7AntiVirus	Trojan ( 0055bbd91 )
TrendMicro	TROJ_FRS.VSNW12K19
BitDefenderTheta	Gen:NN.ZexaF.32515.@y0@a4KyS0b
Symantec	Downloader
APEX	Malicious
Avast	Win32:DropperX-gen [Drp]
ClamAV	Win.Dropper.Tofsee-7402230-0
GData	Trojan.GenericKD.32727374
Kaspersky	not-a-virus:NetTool.Win32.TorTool.abh
NANO-Antivirus	Trojan.Win32.Encoder.gixgyo
ViRobot	Trojan.Win32.Z.Wacatac.1036800.C
Rising	Trojan.Kryptik!1.BE74 (CLASSIC)
Ad-Aware	Trojan.GenericKD.32727374
Sophos	Troj/Ransom-FSI
Comodo	Malware@#25wk32zyd6437
F-Secure	Trojan.TR/AD.Troldesh.vauvq
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Generic.fc
Trapmine	malicious.moderate.ml.score
Ikarus	Trojan-Downloader.Win32.SmokeLoader
Cyren	W32/Trojan.DLBN-3946
Jiangmin	NetTool.TorTool.ax
Webroot	W32.Trojan.GenKD
Avira	TR/AD.Troldesh.vauvq
Antiy-AVL	RiskWare[NetTool]/Win32.TorTool
Endgame	malicious (high confidence)
Arcabit	Trojan.Generic.D1F3614E
ZoneAlarm	not-a-virus:NetTool.Win32.TorTool.abh
Microsoft	Trojan:Win32/GandCrypt.GB!MTB
AhnLab-V3	Trojan/Win32.MalPe.R299953
Acronis	suspicious
VBA32	BScope.Trojan.Wacatac
ALYac	Trojan.Ransom.Shade
MAX	malware (ai score=85)
Malwarebytes	Trojan.MalPack.GS
Panda	Trj/GdSda.A
ESET-NOD32	a variant of Win32/Kryptik.GYNN
TrendMicro-HouseCall	TROJ_FRS.VSNW12K19
SentinelOne	DFI – Malicious PE
MaxSecure	Trojan.Malware.74701925.susgen
Fortinet	Malicious_Behavior.SB
AVG	Win32:DropperX-gen [Drp]
Cybereason	malicious.7e1f0d
Qihoo-360	Win32/Virus.NetTool.0be

How to remove Ransom.Troldesh?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Should I remove “Ransom.Troldesh”?

How to determine Ransom.Troldesh?

File Info:

Version Info:

Ransom.Troldesh also known as:

How to remove Ransom.Troldesh?

About the author

Paul Valéry

Leave a Comment X

How to determine Ransom.Troldesh?

File Info:

Version Info:

Ransom.Troldesh also known as:

How to remove Ransom.Troldesh?

You may also like

About the author

Paul Valéry

Leave a Comment X