Ransom:Win32/GandCrab!rfn removal instructions

Ransom:Win32/GandCrab!rfn is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Ransom:Win32/GandCrab!rfn virus do?

  • The binary likely contains encrypted or compressed data.
  • Anomalous binary characteristics.

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Ransom:Win32/GandCrab!rfn?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Ransom:Win32/GandCrab!rfn is also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Banker1.25755
MicroWorld-eScan: Trojan.BRMon.Gen.3
FireEye: Generic.mg.36764fc2d0f638d1
CAT-QuickHeal: Ransom.GandCrab.ZZ6
ALYac: Trojan.BRMon.Gen.3
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0053305e1 )
BitDefender: Trojan.BRMon.Gen.3
K7GW: Trojan ( 0052743e1 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZexaF.34590.syW@aqYOc9f
Cyren: W32/S-c07995ba!Eldorado
Symantec: Packed.Generic.525
TrendMicro-HouseCall: Mal_HPGen-37b
Avast: FileRepMalware
Kaspersky: HEUR:Trojan.Win32.Generic
NANO-Antivirus: Trojan.Win32.Banker1.eyconv
ViRobot: Trojan.Win32.U.Ransom.300032
AegisLab: Trojan.Win32.GandCrypt.j!c
Rising: Trojan.Kryptik!1.B048 (CLOUD)
Ad-Aware: Trojan.BRMon.Gen.3
Sophos: Mal/Generic-R + Mal/GandCrab-A
Comodo: TrojWare.Win32.Cloxer.AY@7o68fu
F-Secure: Heuristic.HEUR/AGEN.1103299
Zillya: Trojan.GandCrypt.Win32.89
TrendMicro: Mal_HPGen-37b
McAfee-GW-Edition: BehavesLike.Win32.Generic.dc
Emsisoft: Trojan.BRMon.Gen.3 (B)
Ikarus: Trojan-Downloader.Win32.Zurgop
Jiangmin: Trojan.GandCrypt.r
MaxSecure: Trojan.Malware.300983.susgen
Avira: HEUR/AGEN.1103299
Antiy-AVL: Trojan/Win32.TSGeneric
Microsoft: Ransom:Win32/GandCrab!rfn
Arcabit: Trojan.BRMon.Gen.3
SUPERAntiSpyware: Trojan.Agent/Gen-Kryptik
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.BRMon.Gen.3
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Gandcrab.R249167
Acronis: suspicious
McAfee: GenericRXEC-RH!36764FC2D0F6
MAX: malware (ai score=100)
VBA32: Trojan.Agentb
Malwarebytes: Malware.AI.4096368993
Panda: Trj/Genetic.gen
APEX: Malicious
ESET-NOD32: a variant of Win32/Kryptik.GDHD
Tencent: Malware.Win32.Gencirc.10b2c722
Yandex: Trojan.GenAsa!11UbpZS8OBk
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/GenKryptik.CNAR!tr
AVG: FileRepMalware
Cybereason: malicious.2d0f63
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.988

How to remove Ransom:Win32/GandCrab!rfn?

Ransom:Win32/GandCrab!rfn removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
