Categories: Ransom

Should I remove “Ransom:Win32/Encryptest”?

The Ransom:Win32/Encryptest is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Ransom:Win32/Encryptest virus can do?

  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine Ransom:Win32/Encryptest?



File Info:

crc32: 27161EF4md5: e931fcfd92ef53c28fcbc58a9586fa10name: E931FCFD92EF53C28FCBC58A9586FA10.mlwsha1: e51fa875283175c0cfa8b3deaadf9f3fc10d8345sha256: 7d35497a79cb953b1c918036b1d0cce46b8f0e3decbfefa3bb00e227c3430560sha512: d320c79994af9879de96d08fd0a76145dbde5adbb2183a9292965893639ca88f5d7454710f9874fc4aa140c4a8a27a48e176e0babc1ac1d531a91ff25e4ae94bssdeep: 12288:/ozGdX0M4ornOmZIzfMwHHQmRROXK7/X7qhGYJlGbQKwyzMH8ecEkrjit4Io7q:/4GHnhIzOa7/X7qQl8HWMagPtype: PE32 executable (console) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: xc2xa91999-2015 Jonathan Bennett & AutoIt TeamProductVersion: 3.3.14.2FileVersion: 1.0.0.4Comments: Quickly extract $UsnJrnl from an NTFS volumeFileDescription: Quickly extract $UsnJrnl from an NTFS volumeTranslation: 0x0809 0x04b0

Ransom:Win32/Encryptest also known as:

Bkav W32.AIDetect.malware1
K7AntiVirus Trojan ( 0050f3c91 )
Cylance Unsafe
Zillya Trojan.Filecoder.Win32.8263
Sangfor Ransom.Win32.Encryptest.mt
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Ransom:Win32/Encryptest.b2f94f52
K7GW Trojan ( 0050f3c91 )
Cyren W32/FakeDoc.J.gen!Eldorado
APEX Malicious
Avast Win32:Malware-gen
NANO-Antivirus Trojan.Win32.BrowserPwdStealer.ewdpxo
Comodo Malware@#2uu5yo30gk03q
VIPRE Trojan.Win32.Generic!BT
Webroot W32.Trojan.Gen
Avira TR/BrowserPwdStealer.gyfuo
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Microsoft Ransom:Win32/Encryptest
AegisLab Trojan.Win32.Generic.4!c
GData Win32.Trojan.Agent.AYSKLJ
MAX malware (ai score=100)
TrendMicro-HouseCall Ransom_Encryptest.R06CC0DDO21
Ikarus Trojan.Win32.Filecoder
Fortinet W32/Filecoder_Ishtar.R!tr
AVG Win32:Malware-gen

How to remove Ransom:Win32/Encryptest?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: a.tomx.xyzRansom:Win32/Encryptestz.whorecord.xyz
3 years ago

Recent Posts

Trojan.Dropper.AAAM malicious file

The Trojan.Dropper.AAAM is considered dangerous by lots of security experts. When this infection is active,…

16 mins ago

Win64/Kryptik.EHF removal instruction

The Win64/Kryptik.EHF is considered dangerous by lots of security experts. When this infection is active,…

36 mins ago

Application.Generic.3684796 removal

The Application.Generic.3684796 is considered dangerous by lots of security experts. When this infection is active,…

36 mins ago

How to remove “Win32/RemoteAdmin.NetCat.AA potentially unsafe”?

The Win32/RemoteAdmin.NetCat.AA potentially unsafe is considered dangerous by lots of security experts. When this infection…

46 mins ago

About “WinGo/Agent.EJ” infection

The WinGo/Agent.EJ is considered dangerous by lots of security experts. When this infection is active,…

46 mins ago

About “Backdoor:Win32/IRCbot!pz” infection

The Backdoor:Win32/IRCbot!pz is considered dangerous by lots of security experts. When this infection is active,…

52 mins ago