Should I remove “Ransom:Win32/Encryptest”?

Ransom:Win32/Encryptest is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom:Win32/Encryptest virus do?

  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX.
  • Network activity detected but not expressed in API logs.

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Ransom:Win32/Encryptest?


File Info:

crc32: 27161EF4
md5: e931fcfd92ef53c28fcbc58a9586fa10
name: E931FCFD92EF53C28FCBC58A9586FA10.mlw
sha1: e51fa875283175c0cfa8b3deaadf9f3fc10d8345
sha256: 7d35497a79cb953b1c918036b1d0cce46b8f0e3decbfefa3bb00e227c3430560
sha512: d320c79994af9879de96d08fd0a76145dbde5adbb2183a9292965893639ca88f5d7454710f9874fc4aa140c4a8a27a48e176e0babc1ac1d531a91ff25e4ae94b
ssdeep: 12288:/ozGdX0M4ornOmZIzfMwHHQmRROXK7/X7qhGYJlGbQKwyzMH8ecEkrjit4Io7q:/4GHnhIzOa7/X7qQl8HWMagP
type: PE32 executable (console) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: ©1999-2015 Jonathan Bennett & AutoIt Team
ProductVersion: 3.3.14.2
FileVersion: 1.0.0.4
Comments: Quickly extract $UsnJrnl from an NTFS volume
FileDescription: Quickly extract $UsnJrnl from an NTFS volume
Translation: 0x0809 0x04b0

Ransom:Win32/Encryptest is also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0050f3c91 )
Cylance: Unsafe
Zillya: Trojan.Filecoder.Win32.8263
Sangfor: Ransom.Win32.Encryptest.mt
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/Encryptest.b2f94f52
K7GW: Trojan ( 0050f3c91 )
Cyren: W32/FakeDoc.J.gen!Eldorado
APEX: Malicious
Avast: Win32:Malware-gen
NANO-Antivirus: Trojan.Win32.BrowserPwdStealer.ewdpxo
Comodo: Malware@#2uu5yo30gk03q
VIPRE: Trojan.Win32.Generic!BT
Webroot: W32.Trojan.Gen
Avira: TR/BrowserPwdStealer.gyfuo
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: Ransom:Win32/Encryptest
AegisLab: Trojan.Win32.Generic.4!c
GData: Win32.Trojan.Agent.AYSKLJ
MAX: malware (ai score=100)
TrendMicro-HouseCall: Ransom_Encryptest.R06CC0DDO21
Ikarus: Trojan.Win32.Filecoder
Fortinet: W32/Filecoder_Ishtar.R!tr
AVG: Win32:Malware-gen

How to remove Ransom:Win32/Encryptest?

Ransom:Win32/Encryptest removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.
