About “Ransom:MSIL/JigsawLocker.C” infection

The Ransom:MSIL/JigsawLocker.C is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ransom:MSIL/JigsawLocker.C virus can do?

The binary likely contains encrypted or compressed data.

How to determine Ransom:MSIL/JigsawLocker.C?


File Info:
crc32: D298B7F5
md5: f57a03996540d5cac794719c8f275511
name: F57A03996540D5CAC794719C8F275511.mlw
sha1: 04b7b3242917bd2f718f7efc8be3e4ff209f82d0
sha256: f3a8c86499492cd007f1b46cd99a8ccd1d04d93b0a95f5e9b5e4e258ae5c239e
sha512: c45fdc01532b1e1a12f7e4b94b4e3b1590e0a56fb77c45dfcd439de24d7e268cde39bee6153e612caf584c1ce9f25aa83251306f9455eb1d033891c1abe8008a
ssdeep: 12288:v7mxNNsZXfXOsvbVu0NCDkVoxbZuuNNTNUhblcCBe9/yGG4NLtS21U:zKTsNOsvbVYxxsuN9NCb0lOa42
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
Translation: 0x0000 0x04b0
LegalCopyright: Copyright 2000-2018 Newsoft. All rights reserved.
Assembly Version: 21.0.3.5587
InternalName: Setup.exe
FileVersion: 21.0.3.5587
ProductName: Security patch
ProductVersion: 21.0.3.5587
FileDescription: Security patch
OriginalFilename: Setup.exe

Ransom:MSIL/JigsawLocker.C also known as:

K7AntiVirus	Trojan ( 004f21821 )
Elastic	malicious (high confidence)
DrWeb	Trojan.Encoder.27209
Cynet	Malicious (score: 99)
ALYac	Trojan.Ransom.Jigsaw
Cylance	Unsafe
Zillya	Trojan.Fsysna.Win32.17046
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Ransom:MSIL/JigsawLocker.d9e6ea68
K7GW	Trojan ( 004f21821 )
Cybereason	malicious.96540d
Symantec	Ransom.Jigsaw
ESET-NOD32	a variant of MSIL/Filecoder.Jigsaw.D
APEX	Malicious
Avast	Win32:Trojan-gen
Kaspersky	HEUR:Trojan.MSIL.Fsysna.gen
BitDefender	Generic.MSIL.Ransomware.Jigsaw.FB3FA1CD
NANO-Antivirus	Trojan.Win32.Fsysna.fnffsv
MicroWorld-eScan	Generic.MSIL.Ransomware.Jigsaw.FB3FA1CD
Tencent	Win32.Trojan.Raas.Auto
Ad-Aware	Generic.MSIL.Ransomware.Jigsaw.FB3FA1CD
Sophos	Troj/Jigsaw-K
Comodo	Malware@#211oaeuxostkd
BitDefenderTheta	Gen:NN.ZemsilF.34670.Rm0@aeV9YRh
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Ransom_JIGSAW.SM
McAfee-GW-Edition	BehavesLike.Win32.Generic.jc
FireEye	Generic.MSIL.Ransomware.Jigsaw.FB3FA1CD
Emsisoft	Generic.MSIL.Ransomware.Jigsaw.FB3FA1CD (B)
Jiangmin	Trojan.MSIL.qfmc
Webroot	W32.Trojan.Gen
Avira	HEUR/AGEN.1126341
Microsoft	Ransom:MSIL/JigsawLocker.C
Arcabit	Generic.MSIL.Ransomware.Jigsaw.FB3FA1CD
AegisLab	Trojan.MSIL.Fsysna.4!c
ZoneAlarm	HEUR:Trojan.MSIL.Fsysna.gen
GData	Generic.MSIL.Ransomware.Jigsaw.FB3FA1CD
AhnLab-V3	Trojan/Win32.FileCoder.C3017241
McAfee	GenericRXKB-DI!F57A03996540
MAX	malware (ai score=100)
VBA32	TScope.Trojan.MSIL
Malwarebytes	MachineLearning/Anomalous.95%
Panda	Trj/GdSda.A
TrendMicro-HouseCall	Ransom_JIGSAW.SM
Rising	Ransom.JigsawLocker!8.52DD (CLOUD)
Ikarus	Trojan-Ransom.JigSaw
MaxSecure	Trojan.Malware.73694066.susgen
Fortinet	MSIL/Jigsaw.D!tr.ransom
AVG	Win32:Trojan-gen
Paloalto	generic.ml
Qihoo-360	Win32/TrojanSpy.Fsysna.HgIASOsA

How to remove Ransom:MSIL/JigsawLocker.C?

Ransom:MSIL/JigsawLocker.C removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X