Ransom.XVFXGW removal tips

Ransom.XVFXGW is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom.XVFXGW virus do?

  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Uses Windows utilities for basic functionality
  • Attempts to delete volume shadow copies
  • Modifies boot configuration settings
  • Exhibits possible ransomware file modification behavior
  • Writes a potential ransom message to disk
  • Network activity detected but not expressed in API logs
  • Likely virus infection of existing system binary
  • Uses suspicious command line tools or Windows utilities

How to identify Ransom.XVFXGW?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

0: [No Data]

Ransom.XVFXGW also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Riskware ( 0040eff71 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.31087
Cynet: Malicious (score: 100)
ALYac: Trojan.Ransom.Genasom
Cylance: Unsafe
Zillya: Trojan.Filecoder.Win32.12589
Sangfor: Ransom.Win32.Genasom.mt
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/generic.ali2000027
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.1f3afc
Symantec: Downloader
ESET-NOD32: a variant of Win32/Filecoder.OAU
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: HEUR:Virus.Win32.Infector
BitDefender: Gen:Variant.Graftor.717353
NANO-Antivirus: Trojan.Win32.Encoder.hcnyni
ViRobot: Trojan.Win32.S.Genasom.57344
MicroWorld-eScan: Gen:Variant.Graftor.717353
Tencent: Win32.Trojan.Filecoder.Eaxz
Ad-Aware: Gen:Variant.Graftor.717353
Sophos: Mal/Generic-S
Comodo: Malware@#2l9dbjxn8wnyg
BitDefenderTheta: Gen:NN.ZexaF.34770.dmGfayq1tmki
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom.Win32.CRYPTOPXJ.SMJK
McAfee-GW-Edition: BehavesLike.Win32.Generic.qc
FireEye: Generic.mg.18df39e1f3afca1a
Emsisoft: Gen:Variant.Graftor.717353 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Agentb.ghw
Webroot: W32.Trojan.Gen
Avira: HEUR/AGEN.1141575
Antiy-AVL: Trojan/Generic.ASSuf.29221
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: Trojan:Win32/Genasom!MSR
Arcabit: Trojan.Graftor.DAF229
AegisLab: Virus.Win32.Infector.n!c
ZoneAlarm: HEUR:Virus.Win32.Infector
GData: Win32.Trojan-Ransom.Filecoder.CF@gen
TACHYON: Ransom/W32.Genasom.114688
AhnLab-V3: Malware/Win32.Generic.C4017809
McAfee: GenericRXAA-FA!18DF39E1F3AF
MAX: malware (ai score=100)
VBA32: Trojan.Encoder
Malwarebytes: Ransom.XVFXGW
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom.Win32.CRYPTOPXJ.SMJK
Rising: Ransom.Agent!1.C307 (CLASSIC)
Yandex: Trojan.Filecoder!b+h7y9ZrmdE
Ikarus: Trojan.SuspectCRC
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Filecoder.OAU!tr.ransom
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Genasom.HwsBEpsA

How to remove Ransom.XVFXGW?

Ransom.XVFXGW removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
